suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

Vulnerabilities (2,017)

• CVE-2024-35899MedMay 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush pending destroy work before netlink notifier") to address a race between exit_net a

• CVE-2024-35898MedMay 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within nf_flow_inet_module_exit() can concurrent with __nft_flowtable_type_get() within nf_tables_newf

• CVE-2024-35897MedMay 19, 2024
  affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both

• CVE-2024-35896HigMay 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports showing old bugs exposed by BPF after commit 20f2505fb436 ("bpf: Try to avoid kzalloc in cgroup/{s,g}etsockopt") setsockopt() @o

• CVE-2024-35895MedMay 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in

• CVE-2024-35893MedMay 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak syzbot found that tcf_skbmod_dump() was copying four bytes from kernel stack to user space [1]. The issue here is that 'struct tc_skbmod' has a four bytes hole.

• CVE-2024-35886HigMay 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). syzkaller reported infinite recursive calls of fib6_dump_done() during netlink socket destruction. [1] From the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE

• CVE-2024-35884MedMay 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various is

• CVE-2024-35877MedMay 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact, all PTEs) can be replaced during write faults to point at anon folios. Reliabl

• CVE-2024-35866HigMay 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

• CVE-2024-35914May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th

• CVE-2024-35912May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the rx payload length check fails, or if kmemdup() fails, we still need to free the command response. Fix that.

• CVE-2024-35907May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows

• CVE-2024-35904May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on

• CVE-2024-35901May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_

• CVE-2024-35890May 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skb_segment_list those skbs can be reused as-is. This is an issue as t

• CVE-2024-35889May 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: idpf: fix kernel panic on unknown packet types In the very rare case where a packet type is unknown to the driver, idpf_rx_process_skb_fields would return early without calling eth_type_trans to set the skb pro

• CVE-2024-35887May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25_ds_del_timer When the ax25 device is detaching, the ax25_dev_device_down() calls ax25_ds_del_timer() to cleanup the slave_timer. When the timer handler is running, t

• CVE-2024-35885May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: stop interface during shutdown The mlxbf_gige driver intermittantly encounters a NULL pointer exception while the system is shutting down via "reboot" command. The mlxbf_driver will experience an ex

• CVE-2024-35879May 19, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: of: dynamic: Synchronize of_changeset_destroy() with the devlink removals In the following sequence: 1) of_platform_depopulate() 2) of_overlay_remove() During the step 1, devices are destroyed and devlinks