rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Module for Development Tools 15 SP5
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
Vulnerabilities (2,437)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35934 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them hint that smc acquires rtnl in netns creation for no good reason [1] This patch | |
| CVE-2024-35933 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev->req_skb is NULL, which will cause this issue. | |
| CVE-2024-35932 | Hig | 7.8 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] ref | |
| CVE-2024-35930 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is | |
| CVE-2024-35925 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. Found by Linux V | |
| CVE-2024-35924 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to | |
| CVE-2024-35922 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode(). Fou | |
| CVE-2023-52699 | Med | 5.3 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A "write_lock(&pointers_lock) => read_loc | |
| CVE-2024-35915 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero, | |
| CVE-2024-35914 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th | |
| CVE-2024-35912 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the rx payload length check fails, or if kmemdup() fails, we still need to free the command response. Fix that. | |
| CVE-2024-35907 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows | |
| CVE-2024-35905 | Hig | 7.8 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow | |
| CVE-2024-35904 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on | |
| CVE-2024-35902 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman adds:] Analysis: * cp is a parameter of __rds_rdma_map and is not reassigned. * T | |
| CVE-2024-35901 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_ | |
| CVE-2024-35900 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject new basechain after table flag update When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table (existing and new). The followi | |
| CVE-2024-35899 | Med | 6.1 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush pending destroy work before netlink notifier") to address a race between exit_net a | |
| CVE-2024-35898 | Med | 5.5 | < 5.14.21-150500.55.73.2 | 5.14.21-150500.55.73.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within nf_flow_inet_module_exit() can concurrent with __nft_flowtable_type_get() within nf_tables_newf | |
| CVE-2024-35897 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both |
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them hint that smc acquires rtnl in netns creation for no good reason [1] This patch
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev->req_skb is NULL, which will cause this issue.
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] ref
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. Found by Linux V
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode(). Fou
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A "write_lock(&pointers_lock) => read_loc
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero,
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the rx payload length check fails, or if kmemdup() fails, we still need to free the command response. Fix that.
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman adds:] Analysis: * cp is a parameter of __rds_rdma_map and is not reassigned. * T
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject new basechain after table flag update When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table (existing and new). The followi
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush pending destroy work before netlink notifier") to address a race between exit_net a
- affected < 5.14.21-150500.55.73.2fixed 5.14.21-150500.55.73.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within nf_flow_inet_module_exit() can concurrent with __nft_flowtable_type_get() within nf_tables_newf
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both
Page 79 of 122