suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

Vulnerabilities (2,017)

• CVE-2024-26597Feb 23, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below: =

• CVE-2024-26595Feb 23, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer

• CVE-2023-52464Feb 23, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx

• CVE-2023-52463Feb 23, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as

• CVE-2023-52462Feb 23, 2024
  affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot_type[BPF_REG_SIZE - 1] (plus potentially few more below it, depending on actual

• CVE-2023-52457Feb 23, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return

• CVE-2023-52456Feb 23, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th

• CVE-2023-52454Feb 23, 2024
  affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

  In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel

• CVE-2023-52453Feb 23, 2024
  affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

  In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume When the optional PRE_COPY support was added to speed up the device compatibility check, it failed to update the saving/resuming data

• CVE-2024-26593Feb 23, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to t

• CVE-2023-52447MedFeb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_p

• CVE-2024-26591Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can cause a crash due to missing attach_btf: 1) load rawtp program 2) load fentry program with rawtp as target_fd 3) create tracing l

• CVE-2023-52452Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory (ever since 6715df8d5) but, before this patch, these accesses were permitted inconsistently

• CVE-2023-52451Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde

• CVE-2023-52450Feb 22, 2024
  affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

  In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() Get logical socket id instead of physical id in discover_upi_topology() to avoid out-of-bound access on 'upi = &type->topology[ni

• CVE-2023-52449Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read

• CVE-2023-52448Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in r

• CVE-2023-52445Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t

• CVE-2024-26589Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So th

• CVE-2024-26586Feb 22, 2024
  affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

  In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn,