VYPR

rpm package

suse/kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5

pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5

Vulnerabilities (2,437)

  • CVE-2024-38578HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for t

  • CVE-2024-38577HigJun 19, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow There is a possibility of buffer overflow in show_rcu_tasks_trace_gp_kthread() if counters, passed to sprintf() are huge. Counter numbers, needed f

  • CVE-2024-38573HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from different places with various parameters. So cpufreq_cpu_get() can return null as

  • CVE-2024-38571MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fix null pointer dereference compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c) as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null pointe

  • CVE-2024-38570HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. Commit fb6791d100d1b started exploi

  • CVE-2024-38568HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out

  • CVE-2024-38567MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a sp

  • CVE-2024-38565MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper e

  • CVE-2024-38564MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_g

  • CVE-2024-38560HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that

  • CVE-2024-38559MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t

  • CVE-2024-38558MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary pack

  • CVE-2024-38557MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Reload only IB representors upon lag disable/enable On lag disable, the bond IB device along with all of its representors are destroyed, and then the slaves' representors get reloaded. In case the sl

  • CVE-2024-38556HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of wa

  • CVE-2024-38555HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device wil

  • CVE-2024-38554MedJun 19, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issue of net_device There is a reference count leak issue of the object "net_device" in ax25_dev_device_down(). When the ax25 device is shutting down, the ax25_dev_device_down() d

  • CVE-2024-38553MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndo_poll_controller to avoid deadlocks There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b ("eth: sungem: remove .ndo_poll_controller to avoid deadlocks")

  • CVE-2024-38552HigJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the num

  • CVE-2024-38550MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: ASoC: kirkwood: Fix potential NULL dereference In kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if CONFIG_PLAT_ORION macro is not defined. Fix this bug by adding NULL check. Found by Linux Verifica

  • CVE-2024-38549MedJun 19, 2024
    affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace appl

Page 56 of 122