VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Vulnerabilities (2,830)

  • CVE-2023-52686May 17, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2023-52676May 17, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The arithmetic implies adding togeth

  • CVE-2024-35815MedMay 17, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct kiocb that is not embedded inside struct aio_kiocb. With the current code, dependi

  • CVE-2024-35811MedMay 17, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following

  • CVE-2023-52670May 17, 2024
    affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1

    In the Linux kernel, the following vulnerability has been resolved: rpmsg: virtio: Free driver_override when rpmsg_remove() Free driver_override when rpmsg_remove(), otherwise the following memory leak will occur: unreferenced object 0xffff0000d55d7080 (size 128): comm "kwor

  • CVE-2024-35817May 17, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgpu_ttm_backend_unbind will not clear the gart page table entry and leave valid

  • CVE-2024-35789HigMay 17, 2024
    affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c

  • CVE-2024-27413May 17, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In

  • CVE-2024-27397HigMay 14, 2024
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate

  • CVE-2024-27398May 13, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection

  • CVE-2023-52655May 13, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T

  • CVE-2023-52654May 9, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_gener

  • CVE-2022-48704May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b

  • CVE-2022-48695May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c

  • CVE-2022-48703May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10). T

  • CVE-2022-48702May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a

  • CVE-2022-48701May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun

  • CVE-2022-48699May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in update_sched_domain_debugfs Kuyo reports that the pattern of using debugfs_remove(debugfs_lookup()) leaks a dentry and with a hotplug stress test, the machine eventually runs out

  • CVE-2022-48697May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607

  • CVE-2022-48694May 3, 2024
    affected < 5.14.21-150400.24.122.1fixed 5.14.21-150400.24.122.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix

Page 125 of 142