rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
Vulnerabilities (2,437)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26670 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory acc | |
| CVE-2024-26669 | Hig | 7.1 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the ' | |
| CVE-2024-26668 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be | |
| CVE-2024-26667 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch warning about another co | |
| CVE-2024-26665 | Hig | 7.1 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of | |
| CVE-2024-26664 | Hig | 7.1 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package. | |
| CVE-2024-26663 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010: | |
| CVE-2024-26661 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg | |
| CVE-2024-26660 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, correspon | |
| CVE-2024-26659 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet | |
| CVE-2024-26656 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo J | |
| CVE-2023-52636 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes a | |
| CVE-2023-52635 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from | |
| CVE-2023-52632 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted ---------------- | |
| CVE-2024-26654 | Hig | 7.0 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Apr 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastcard->timer. When the snd_pcm_substream is | |
| CVE-2023-52628 | Hig | 7.1 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Mar 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c | |
| CVE-2024-26651 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Mar 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error. | |
| CVE-2024-26646 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during | |
| CVE-2023-52627 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user spac | |
| CVE-2023-52623 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspic |
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory acc
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the '
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch warning about another co
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package.
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010:
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, correspon
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo J
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes a
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted ----------------
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastcard->timer. When the snd_pcm_substream is
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error.
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user spac
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspic
Page 102 of 122