suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

Vulnerabilities (2,017)

• CVE-2022-48775Jul 16, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add()： If this function returns an error, ko

• CVE-2022-48774Jul 16, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will le

• CVE-2022-48773Jul 16, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries f

• CVE-2023-52886Jul 16, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr

• CVE-2024-41007Jul 15, 2024
  affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

  In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1

• CVE-2023-52885Jul 14, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis

• CVE-2024-41006MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nr_heartbeat_expiry() syzbot reported a memory leak in nr_create() [0]. Commit 409db27e3a2e ("netrom: Fix use-after-free of a listening socket.") added sock_hold() to the nr_heartb

• CVE-2024-41004MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and

• CVE-2024-41000HigJul 12, 2024
  affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

  In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692

• CVE-2024-40995MedJul 12, 2024
  affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

  In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() syzbot found hanging tasks waiting on rtnl_lock [1] A reproducer is available in the syzbot bug. When a request to add multiple actions

• CVE-2024-40984MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Undo the modifications made in commit d410ee5109a1 ("ACPICA: avoid "Info: mapping multiple BARs. Your kernel is fine.""). The ini

• CVE-2024-40980MedJul 12, 2024
  affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

  In the Linux kernel, the following vulnerability has been resolved: drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_lock. This is problematic for RT kernels because spin_locks are sleeping locks in

• CVE-2024-40978HigJul 12, 2024
  affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

  In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash. To fix this issue, use a smal

• CVE-2024-40961MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL. fib6_nh_init() ip6_validate_gw( &idev ) ip6_route_check_nh( idev ) *idev =

• CVE-2024-40960MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL. [1] Oops: general protection fault, probably for non-canon

• CVE-2024-40959MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() ip6_dst_idev() can return NULL, xfrm6_get_saddr() must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonica

• CVE-2024-40958HigJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcount_warn_saturate+0xdf/0x1d0 Modules lin

• CVE-2024-40945MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return va

• CVE-2024-40942MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets de

• CVE-2024-40941MedJul 12, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove t