suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

Vulnerabilities (2,017)

• CVE-2024-2201MedDec 19, 2024
  affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

  A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

• CVE-2023-4134Nov 14, 2024
  affected < 5.14.21-150500.55.28.1fixed 5.14.21-150500.55.28.1

  A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of ser

• CVE-2024-46830HigSep 27, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS Grab kvm->srcu when processing KVM_SET_VCPU_EVENTS, as KVM will forcibly leave nested VMX/SVM if SMM mode is being toggled, and leaving nested VMX r

• CVE-2024-46822Sep 27, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted th

• CVE-2022-48945Sep 23, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not

• CVE-2024-46786HigSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF The fscache_cookie_lru_timer is initialized when the fscache module is inserted, but is not deleted when the fscache module is removed. I

• CVE-2024-46783MedSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will result in sending a sk_msg larger than the current message size. In this case, in

• CVE-2024-46759HigSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user.

• CVE-2024-46750MedSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is this sequence: WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pci_bridge_seco

• CVE-2024-46746HigSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid device HID driver callbacks aren't called anymore once hid_destroy_device() has been called. Hence, hid driver_data should be freed only after the hid_destroy

• CVE-2024-46745MedSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failur

• CVE-2024-46744HigSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read

• CVE-2024-46743HigSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of_irq_parse_raw() is invoked with a device address smaller than the interrupt parent node (from #address-cells property), KASAN dete

• CVE-2024-46725HigSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix the out-of-bounds write warning

• CVE-2024-46715MedSep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysf

• CVE-2024-46798Sep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object When using kernel with the following extra config, - CONFIG_KASAN=y - CONFIG_KASAN_GENERIC=y - CONFIG_KASAN_INLINE=y - CONFIG_KASAN_VMALLOC=y - CONF

• CVE-2024-46794Sep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmio_read() unintentionally exposes the value of an initiali

• CVE-2024-46791Sep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open The mcp251x_hw_wake() function is called with the mpc_lock mutex held and disables the interrupt handler so that no interrupts can be proces

• CVE-2024-46787Sep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_huge() code in mfill_atomic() is wrong in three different ways depending on kernel v

• CVE-2024-46784Sep 18, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup Currently napi_disable() gets called during rxq and txq cleanup, even before napi is enabled and hrtimer is initialized. It causes kernel pani