suse/kernel-default&distro=SUSE Manager Server 4.3

Vulnerabilities (1,907)

• CVE-2024-53173Dec 27, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs

• CVE-2024-53168Dec 27, 2024
  affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

  In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID

• CVE-2024-53156Dec 24, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255

• CVE-2024-53146Dec 24, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that

• CVE-2024-53241Dec 24, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati

• CVE-2024-53240Dec 24, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t

• CVE-2024-2201MedDec 19, 2024
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

• CVE-2024-53144Dec 17, 2024
  affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ

• CVE-2024-53142Dec 6, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG

• CVE-2024-53141Dec 6, 2024
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f

• CVE-2024-53135Dec 4, 2024
  affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK

• CVE-2024-53125Dec 4, 2024
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set:

• CVE-2024-53104KEVDec 2, 2024
  affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

• CVE-2023-52922Nov 28, 2024
  affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1

  In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

• CVE-2024-8805Nov 22, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

• CVE-2024-53095Nov 21, 2024
  affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

• CVE-2024-53057HigNov 19, 2024
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

• CVE-2024-53068Nov 19, 2024
  affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1

  In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() The scmi_dev->name is released prematurely in __scmi_device_destroy(), which causes slab-use-after-free when accessing scmi_dev->name in scmi_b

• CVE-2024-53064Nov 19, 2024
  affected < 5.14.21-150400.24.161.1fixed 5.14.21-150400.24.161.1

  In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to comp

• CVE-2024-53063Nov 19, 2024
  affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1

  In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_