rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Vulnerabilities (2,843)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26792 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second | ||
| CVE-2024-26782 | — | < 5.14.21-150400.24.144.1.150400.24.70.1 | 5.14.21-150400.24.144.1.150400.24.70.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin | ||
| CVE-2024-26745 | — | < 5.14.21-150400.24.125.1.150400.24.60.1 | 5.14.21-150400.24.125.1.150400.24.60.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user pag | ||
| CVE-2024-26773 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a | ||
| CVE-2024-26766 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by ` | ||
| CVE-2024-26764 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c: | ||
| CVE-2024-26739 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod | ||
| CVE-2024-26733 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr | ||
| CVE-2024-26727 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() if the newly created subvolume already got read [BUG] There is a syzbot crash, triggered by the ASSERT() during subvolume creation: assertion failed: !anon_dev, in fs/btrfs/disk-io.c:13 | ||
| CVE-2024-26704 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat | ||
| CVE-2024-26689 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the ref | ||
| CVE-2024-26688 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigni | ||
| CVE-2024-26687 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being t | ||
| CVE-2023-52628 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Mar 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c | ||
| CVE-2023-52621 | — | < 5.14.21-150400.24.116.1.150400.24.54.5 | 5.14.21-150400.24.116.1.150400.24.54.5 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock asserti | ||
| CVE-2024-26643 | Med | 5.5 | < 5.14.21-150400.24.173.1.150400.24.88.1 | 5.14.21-150400.24.173.1.150400.24.88.1 | Mar 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it | |
| CVE-2024-26642 | Med | 5.5 | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Mar 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work. | |
| CVE-2023-52616 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init When the mpi_ec_ctx structure is initialized, some fields are not cleared, causing a crash when referencing the field when the structure was releas | ||
| CVE-2023-28746 | Med | 6.5 | < 5.14.21-150400.24.111.2.150400.24.52.1 | 5.14.21-150400.24.111.2.150400.24.52.1 | Mar 14, 2024 | Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2023-52607 | — | < 5.14.21-150400.24.119.1.150400.24.56.1 | 5.14.21-150400.24.119.1.150400.24.56.1 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the p |
- CVE-2024-26792Apr 4, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second
- CVE-2024-26782Apr 4, 2024affected < 5.14.21-150400.24.144.1.150400.24.70.1fixed 5.14.21-150400.24.144.1.150400.24.70.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin
- CVE-2024-26745Apr 4, 2024affected < 5.14.21-150400.24.125.1.150400.24.60.1fixed 5.14.21-150400.24.125.1.150400.24.60.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user pag
- CVE-2024-26773Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a
- CVE-2024-26766Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `
- CVE-2024-26764Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:
- CVE-2024-26739Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod
- CVE-2024-26733Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr
- CVE-2024-26727Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() if the newly created subvolume already got read [BUG] There is a syzbot crash, triggered by the ASSERT() during subvolume creation: assertion failed: !anon_dev, in fs/btrfs/disk-io.c:13
- CVE-2024-26704Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat
- CVE-2024-26689Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the ref
- CVE-2024-26688Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigni
- CVE-2024-26687Apr 3, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being t
- CVE-2023-52628Mar 28, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c
- CVE-2023-52621Mar 26, 2024affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5
In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock asserti
- affected < 5.14.21-150400.24.173.1.150400.24.88.1fixed 5.14.21-150400.24.173.1.150400.24.88.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it
- affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.
- CVE-2023-52616Mar 18, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init When the mpi_ec_ctx structure is initialized, some fields are not cleared, causing a crash when referencing the field when the structure was releas
- affected < 5.14.21-150400.24.111.2.150400.24.52.1fixed 5.14.21-150400.24.111.2.150400.24.52.1
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2023-52607Mar 6, 2024affected < 5.14.21-150400.24.119.1.150400.24.56.1fixed 5.14.21-150400.24.119.1.150400.24.56.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the p
Page 131 of 143