rpm package
suse/kernel-livepatch-MICRO-6-0-RT_Update_4&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_4&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (570)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50240 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") removed most users of the platform device driver data, but mistakenly also removed | ||
| CVE-2024-50237 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of uninitialized private data | ||
| CVE-2024-50236 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completi | ||
| CVE-2024-50235 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network | ||
| CVE-2024-50234 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts ar | ||
| CVE-2024-50233 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_ca | ||
| CVE-2024-50232 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is call | ||
| CVE-2024-50231 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kun | ||
| CVE-2024-50230 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which | ||
| CVE-2024-50229 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circula | ||
| CVE-2024-50225 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's | ||
| CVE-2024-50224 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULL pointer to gpiod_direction_output(), preventing a crash when GPIO chip se | ||
| CVE-2024-50221 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). | ||
| CVE-2024-50218 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline | ||
| CVE-2024-50216 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args->pag as | ||
| CVE-2024-50215 | — | < 1-1.1 | 1-1.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error pat | ||
| CVE-2024-50210 | Med | 5.5 | < 1-1.1 | 1-1.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the | |
| CVE-2024-50205 | Med | 5.5 | < 1-1.1 | 1-1.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check be | |
| CVE-2024-50188 | Med | 5.5 | < 1-1.1 | 1-1.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10). | |
| CVE-2024-50209 | — | < 1-1.1 | 1-1.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances. |
- CVE-2024-50240Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") removed most users of the platform device driver data, but mistakenly also removed
- CVE-2024-50237Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of uninitialized private data
- CVE-2024-50236Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completi
- CVE-2024-50235Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network
- CVE-2024-50234Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts ar
- CVE-2024-50233Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_ca
- CVE-2024-50232Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is call
- CVE-2024-50231Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kun
- CVE-2024-50230Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which
- CVE-2024-50229Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circula
- CVE-2024-50225Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's
- CVE-2024-50224Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULL pointer to gpiod_direction_output(), preventing a crash when GPIO chip se
- CVE-2024-50221Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics().
- CVE-2024-50218Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline
- CVE-2024-50216Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args->pag as
- CVE-2024-50215Nov 9, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error pat
- affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the
- affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check be
- affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10).
- CVE-2024-50209Nov 8, 2024affected < 1-1.1fixed 1-1.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances.
Page 8 of 29