VYPR

rpm package

suse/kernel-default&distro=SUSE Manager Server 4.3

pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3

Vulnerabilities (1,907)

  • CVE-2023-52924Feb 5, 2025
    affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't skip expired elements during walk There is an asymmetry between commit/abort and preparation phase if the following conditions are met: 1. set is a verdict map ("1.2.3.4 : jump foo"

  • CVE-2024-57948MedJan 31, 2025
    affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

    In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardwar

  • CVE-2024-57947Jan 23, 2025
    affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea

  • CVE-2024-57897Jan 15, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize

  • CVE-2024-57893Jan 15, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal

  • CVE-2024-57849Jan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP

  • CVE-2024-57798Jan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot

  • CVE-2024-57792Jan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is b

  • CVE-2024-57791Jan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no

  • CVE-2024-56770Jan 8, 2025
    affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

    In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of

  • CVE-2024-56759Jan 6, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled

  • CVE-2022-49035Jan 2, 2025
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case.

  • CVE-2024-56704Dec 28, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique: remove confusing variable reset to 0]

  • CVE-2024-56631HigDec 27, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockde

  • CVE-2024-56664Dec 27, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona

  • CVE-2024-56661Dec 27, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanup_bearer() syzbot found [1] that after blamed commit, ub->ubsock->sk was NULL when attempting the atomic_dec() : atomic_dec(&tipc_net(sock_net(ub->ubsock->sk))->wq_count); Fix th

  • CVE-2024-56658Dec 27, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->x

  • CVE-2024-56651Dec 27, 2024
    affected < 5.14.21-150400.24.161.1fixed 5.14.21-150400.24.161.1

    In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110_can_ist(): fix potential use-after-free The commit a22bd630cfff ("can: hi311x: do not report txerr and rxerr during bus-off") removed the reporting of rxerr and txerr even in case of correct

  • CVE-2024-56650Dec 27, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta

  • CVE-2024-56648Dec 27, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend

Page 44 of 96