rpm package
suse/kernel-livepatch-MICRO-6-0_Update_4&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_4&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (576)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-46817 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_init. | ||
| CVE-2024-46816 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_D | ||
| CVE-2024-46815 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an | ||
| CVE-2024-46814 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN | ||
| CVE-2024-46811 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box [Why] Coverity reports OVERRUN warning. soc.num_states could be 40. But array range of bw_params->clk_table.entries is 8. [Ho | ||
| CVE-2024-46810 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Make sure the connector is fully initialized before signalling any HPD events via drm_kms_helper_hotplug_event(), otherwise t | ||
| CVE-2024-46809 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issues reported by Coverity. | ||
| CVE-2024-46807 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL | ||
| CVE-2024-46806 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode. | ||
| CVE-2024-46805 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL. | ||
| CVE-2024-46804 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning. Do not check if array index valid. [How] Check msg_id valid and valid array index. | ||
| CVE-2024-46803 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbg_ev_file In interrupt context, write dbg_ev_file will be run by work queue. It will cause write dbg_ev_file execution after debug_trap_disable, which will cau | ||
| CVE-2024-46802 | — | < 1-1.2 | 1-1.2 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL | ||
| CVE-2024-46800 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_backlog() is not called to | ||
| CVE-2024-46797 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queued_spin_lock_slowpath() after we increment qnodesp->count and before node->lock is initialized, another CPU might see stale lock values | ||
| CVE-2024-46788 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with the interface_lock held. This means that the kthread variable could be unex | ||
| CVE-2024-46777 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we | ||
| CVE-2024-46775 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity. | ||
| CVE-2024-46770 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL point | ||
| CVE-2024-46766 | — | < 1-1.2 | 1-1.2 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that is not rtnl-locked when called from the reset. This creates the need to take the |
- CVE-2024-46817Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_init.
- CVE-2024-46816Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_D
- CVE-2024-46815Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an
- CVE-2024-46814Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN
- CVE-2024-46811Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box [Why] Coverity reports OVERRUN warning. soc.num_states could be 40. But array range of bw_params->clk_table.entries is 8. [Ho
- CVE-2024-46810Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Make sure the connector is fully initialized before signalling any HPD events via drm_kms_helper_hotplug_event(), otherwise t
- CVE-2024-46809Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issues reported by Coverity.
- CVE-2024-46807Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL
- CVE-2024-46806Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode.
- CVE-2024-46805Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL.
- CVE-2024-46804Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning. Do not check if array index valid. [How] Check msg_id valid and valid array index.
- CVE-2024-46803Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbg_ev_file In interrupt context, write dbg_ev_file will be run by work queue. It will cause write dbg_ev_file execution after debug_trap_disable, which will cau
- CVE-2024-46802Sep 27, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL
- CVE-2024-46800Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_backlog() is not called to
- CVE-2024-46797Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queued_spin_lock_slowpath() after we increment qnodesp->count and before node->lock is initialized, another CPU might see stale lock values
- CVE-2024-46788Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with the interface_lock held. This means that the kthread variable could be unex
- CVE-2024-46777Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we
- CVE-2024-46775Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity.
- CVE-2024-46770Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL point
- CVE-2024-46766Sep 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that is not rtnl-locked when called from the reset. This creates the need to take the
Page 26 of 29