suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,617)

• CVE-2024-50155Nov 7, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: netdevsim: use cond_resched() in nsim_dev_trap_report_work() I am still seeing many syzbot reports hinting that syzbot might fool nsim_dev_trap_report_work() with hundreds of ports [1] Lets use cond_resched(),

• CVE-2024-50154Nov 7, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc

• CVE-2024-50147Nov 7, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. In additio

• CVE-2024-50146Nov 7, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not c

• CVE-2024-50143Nov 7, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch repro

• CVE-2024-50141Nov 7, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is f

• CVE-2024-50134MedNov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write

• CVE-2024-50131HigNov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no

• CVE-2024-50127HigNov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre

• CVE-2024-50095MedNov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no.

• CVE-2024-50138Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Use raw_spinlock_t in ringbuf The function __bpf_ringbuf_reserve is invoked from a tracepoint, which disables preemption. Using spinlock_t in this context can lead to a "sleep in atomic" warning in the RT

• CVE-2024-50136Nov 5, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enabling might trigger warnings of the sort: [ 682.589148] ------------[ cut here ]---

• CVE-2024-50135Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we cou

• CVE-2024-50128Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as

• CVE-2024-50125Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.

• CVE-2024-50124Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.

• CVE-2024-50117Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpst

• CVE-2024-50116Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in

• CVE-2024-50115Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc

• CVE-2024-50110Nov 5, 2024
  affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

  In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30 _copy_to_iter+0x598/0x2a30 __skb_datagram