suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

Vulnerabilities (2,310)

• CVE-2024-53112Dec 2, 2024
  affected < 5.14.21-150500.55.94.1.150500.6.43.1fixed 5.14.21-150500.55.94.1.150500.6.43.1

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra

• CVE-2024-53104KEVDec 2, 2024
  affected < 5.14.21-150500.55.94.1.150500.6.43.1fixed 5.14.21-150500.55.94.1.150500.6.43.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

• CVE-2024-53103Dec 2, 2024
  affected < 5.14.21-150500.55.94.1.150500.6.43.1fixed 5.14.21-150500.55.94.1.150500.6.43.1

  In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This i

• CVE-2024-53101MedNov 25, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali

• CVE-2024-8805Nov 22, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

• CVE-2024-53095Nov 21, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

• CVE-2024-53093Nov 21, 2024
  affected < 5.14.21-150500.55.121.2.150500.6.57.2fixed 5.14.21-150500.55.121.2.150500.6.57.2

  In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes availa

• CVE-2024-53090Nov 21, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in

• CVE-2024-53057HigNov 19, 2024
  affected < 5.14.21-150500.55.116.1.150500.6.55.1fixed 5.14.21-150500.55.116.1.150500.6.55.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

• CVE-2024-53072Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in the following messages in the kernel ring buffer: amd_pmc AMDI0009:00: SMU

• CVE-2024-53064Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to comp

• CVE-2024-53063Nov 19, 2024
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_

• CVE-2024-53056Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() In mtk_crtc_create(), if the call to mbox_request_channel() fails then we set the "mtk_crtc->cmdq_client.chan" pointer to NULL. In that situat

• CVE-2024-53055Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop var

• CVE-2024-53051Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capability add a check to avoid k

• CVE-2024-50299MedNov 19, 2024
  affected < 5.14.21-150500.55.94.1.150500.6.43.1fixed 5.14.21-150500.55.94.1.150500.6.43.1

  In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address

• CVE-2024-50296Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pci_disable_sriov

• CVE-2024-50290Nov 19, 2024
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that.

• CVE-2024-50280Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized delayed_work waker in the

• CVE-2024-50279Nov 19, 2024
  affected < 5.14.21-150500.55.91.1.150500.6.41.1fixed 5.14.21-150500.55.91.1.150500.6.41.1

  In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes