rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
Vulnerabilities (2,437)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-40935 | Hig | 7.8 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILES_DEAD In ondemand mode, when the daemon is processing an open request, if the kernel flags the cache as CACHEFILES_DEAD, the cachefiles_daemon_write() will | |
| CVE-2024-40934 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path. | |
| CVE-2024-40932 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. Fix it. | |
| CVE-2024-40931 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). It turns out that syzkaller can trigger the | |
| CVE-2024-40929 | Hig | 7.1 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this case will cuase an out-of | |
| CVE-2024-40927 | Hig | 7.8 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure ev | |
| CVE-2024-40924 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm->bound_list. Then it tries to rewrite the PTE | |
| CVE-2024-40923 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base, the subsequent call to vmxnet3_rq_destroy_all_rxdataring does not reset rq->data | |
| CVE-2024-40919 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() In case of token is released due to token->state == BNXT_HWRM_DEFERRED, released token (set to NULL) is used in log messag | |
| CVE-2024-40916 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortu | |
| CVE-2024-40912 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_unicast_ps_buf() which is called from soft | |
| CVE-2024-40911 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert in ieee80211_get_station()). This fixes the following kernel NULL dereference: | |
| CVE-2024-40910 | Med | 5.5 | < 5.14.21-150500.55.83.1 | 5.14.21-150500.55.83.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep | |
| CVE-2024-40909 | Hig | 7.8 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed by link->ops->dealloc_deferred, but the code still tests and uses link->ops->dealloc afterward, which lead | |
| CVE-2024-40908 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback syzbot reported crash when rawtp program executed through the test_run interface calls bpf_get_attach_cookie helper or any other helper that touches task->bpf_ct | |
| CVE-2024-40906 | Hig | 7.8 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if teardown_hca fails to execute during driver removal, mlx5 does not stop the health timer. Afterwards, mlx5 continue with driver teardown. T | |
| CVE-2024-40905 | Med | 4.7 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in __fib6_drop_pcpu_from() syzbot found a race in __fib6_drop_pcpu_from() [1] If compiler reads more than once (*ppcpu_rt), second read could read NULL, if another cpu clears the value | |
| CVE-2024-40904 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resu | |
| CVE-2024-40903 | Hig | 7.8 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_register_source_caps(). This could happen when: * new (say invalid) source caps are | |
| CVE-2024-40902 | Hig | 7.8 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than t |
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILES_DEAD In ondemand mode, when the daemon is processing an open request, if the kernel flags the cache as CACHEFILES_DEAD, the cachefiles_daemon_write() will
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. Fix it.
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). It turns out that syzkaller can trigger the
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this case will cuase an out-of
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure ev
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm->bound_list. Then it tries to rewrite the PTE
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base, the subsequent call to vmxnet3_rq_destroy_all_rxdataring does not reset rq->data
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() In case of token is released due to token->state == BNXT_HWRM_DEFERRED, released token (set to NULL) is used in log messag
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortu
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_unicast_ps_buf() which is called from soft
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert in ieee80211_get_station()). This fixes the following kernel NULL dereference:
- affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed by link->ops->dealloc_deferred, but the code still tests and uses link->ops->dealloc afterward, which lead
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback syzbot reported crash when rawtp program executed through the test_run interface calls bpf_get_attach_cookie helper or any other helper that touches task->bpf_ct
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if teardown_hca fails to execute during driver removal, mlx5 does not stop the health timer. Afterwards, mlx5 continue with driver teardown. T
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in __fib6_drop_pcpu_from() syzbot found a race in __fib6_drop_pcpu_from() [1] If compiler reads more than once (*ppcpu_rt), second read could read NULL, if another cpu clears the value
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resu
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps There could be a potential use-after-free case in tcpm_register_source_caps(). This could happen when: * new (say invalid) source caps are
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than t
Page 46 of 122