suse/kernel-default&distro=SUSE Manager Server 4.3

Vulnerabilities (1,907)

• CVE-2024-40937Jul 12, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags

• CVE-2024-40910Jul 12, 2024
  affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2

  In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep

• CVE-2024-40902Jul 12, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than t

• CVE-2024-39494Jul 12, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren

• CVE-2023-52340Jul 5, 2024
  affected < 5.14.21-150400.24.111.2fixed 5.14.21-150400.24.111.2

  The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

• CVE-2024-39463Jun 25, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's d_fsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcount_t: add

• CVE-2021-4439Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->ta

• CVE-2022-48771Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables use

• CVE-2022-48769Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports [0] that his recent MacbookPro crashes in the firmware when using the variable services at runtime. The culprit appears to be a ca

• CVE-2022-48768Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better

• CVE-2022-48767Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked. Ensure we put it.

• CVE-2022-48765Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: LAPIC: Also cancel preemption timer during SET_LAPIC The below warning is splatting during guest reboot. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvm_

• CVE-2022-48763Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces

• CVE-2022-48761Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP Modules linke

• CVE-2022-48760Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb() to return. It turns out the issue is not unlinking the UR

• CVE-2022-48759Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev struct rpmsg_ctrldev contains a struct cdev. The current code frees the rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the cdev i

• CVE-2022-48758Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() The bnx2fc_destroy() functions are removing the interface before calling destroy_work. This results multiple WARNings from sysfs_remo

• CVE-2022-48756Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check

• CVE-2022-48754Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put

• CVE-2022-48752Jun 20, 2024
  affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending Running selftest with CONFIG_PPC_IRQ_SOFT_MASK_DEBUG enabled in kernel triggered below warning: [ 172.851380] ---------