VYPR

rpm package

suse/kernel-default-base&distro=SUSE Manager Proxy 4.3

pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Proxy%204.3

Vulnerabilities (1,907)

  • CVE-2023-52452 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory (ever since 6715df8d5) but, before this patch, these accesses were permitted inconsistently

  • CVE-2023-52451 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde

  • CVE-2023-52450 Feb 22, 2024
    affected < 5.14.21-150400.24.116.1.150400.24.54.5, fixed 5.14.21-150400.24.116.1.150400.24.54.5

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() Get logical socket id instead of physical id in discover_upi_topology() to avoid out-of-bound access on 'upi = &type->topology[ni

  • CVE-2023-52449 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read

  • CVE-2023-52448 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in r

  • CVE-2023-52445 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t

  • CVE-2024-26589 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So th

  • CVE-2024-26586 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn,

  • CVE-2023-52443 Feb 22, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string

  • CVE-2024-26585 Feb 21, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling

  • CVE-2024-26584 Feb 21, 2024
    affected < 5.14.21-150400.24.128.1.150400.24.62.1, fixed 5.14.21-150400.24.128.1.150400.24.62.1

    In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

  • CVE-2024-26583 Feb 21, 2024
    affected < 5.14.21-150400.24.128.1.150400.24.62.1, fixed 5.14.21-150400.24.128.1.150400.24.62.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch

  • CVE-2023-52439 Feb 20, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_device uio_open idev = idr_find() device_unregister(&idev->dev) put_device(&idev-

  • CVE-2023-52429 Feb 12, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.

  • CVE-2024-1151 Feb 11, 2024
    affected < 5.14.21-150400.24.111.2.150400.24.52.1, fixed 5.14.21-150400.24.111.2.150400.24.52.1

    A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo

  • CVE-2023-6536 Feb 7, 2024
    affected < 5.14.21-150400.24.108.1.150400.24.50.2, fixed 5.14.21-150400.24.108.1.150400.24.50.2

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

  • CVE-2023-6535 Feb 7, 2024
    affected < 5.14.21-150400.24.108.1.150400.24.50.2, fixed 5.14.21-150400.24.108.1.150400.24.50.2

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

  • CVE-2023-6356 Feb 7, 2024
    affected < 5.14.21-150400.24.108.1.150400.24.50.2, fixed 5.14.21-150400.24.108.1.150400.24.50.2

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a deni

  • CVE-2024-24860 Feb 5, 2024
    affected < 5.14.21-150400.24.108.1.150400.24.50.2, fixed 5.14.21-150400.24.108.1.150400.24.50.2

    A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2024-1086 KEV Jan 31, 2024
    affected < 5.14.21-150400.24.108.1.150400.24.50.2, fixed 5.14.21-150400.24.108.1.150400.24.50.2

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau

Page 91 of 96