suse/kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

Vulnerabilities (1,350)

• CVE-2022-48967Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nf

• CVE-2022-48962Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.

• CVE-2022-48960Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.

• CVE-2022-48956Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use

• CVE-2022-48947Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this

• CVE-2024-50047Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt

• CVE-2024-49991Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set

• CVE-2024-49982Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of d

• CVE-2024-49974Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit

• CVE-2024-49969Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_hw_format` function in the DCN30 color ma

• CVE-2024-49936Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvif_flush_hash() During the list_for_each_entry_rcu iteration call of xenvif_flush_hash, kfree_rcu does not exist inside the rcu read critical section, so if kfree_rcu is call

• CVE-2024-49925Oct 21, 2024
  affected < 5.3.18-150300.59.185.1fixed 5.3.18-150300.59.185.1

  In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UA

• CVE-2024-49867Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the k

• CVE-2024-47747HigOct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to &prev(dev)->timer. Once t

• CVE-2024-49860Oct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory.

• CVE-2024-47706MedOct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ | Λ | Λ | |

• CVE-2024-47684MedOct 21, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r

• CVE-2024-47674Oct 15, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann points out, PFN mappings are special, because unlike normal memory mappings, there is no lifetime information associated with the mapping - it

• CVE-2024-47668Oct 9, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll sti

• CVE-2024-46849HigSep 27, 2024
  affected < 5.3.18-150300.59.182.1fixed 5.3.18-150300.59.182.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card->dai_link' is reallocated in 'meson_card_reallocate_links()', so move 'pad' pointer initialization after this function when memory is already reallocated