rpm package
suse/kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-53056 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() In mtk_crtc_create(), if the call to mbox_request_channel() fails then we set the "mtk_crtc->cmdq_client.chan" pointer to NULL. In that situat | |
| CVE-2024-53055 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop var | |
| CVE-2024-53051 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capability add a check to avoid k | |
| CVE-2024-50299 | Med | 5.5 | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address | |
| CVE-2024-50296 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pci_disable_sriov | |
| CVE-2024-50290 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that. | |
| CVE-2024-50280 | Hig | 7.8 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized delayed_work waker in the | |
| CVE-2024-50279 | Hig | 7.1 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes | |
| CVE-2024-50278 | Hig | 7.1 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because exp | |
| CVE-2024-50275 | Hig | 7.0 | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIF_SVE set and | |
| CVE-2024-50262 | Hig | 7.8 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths | |
| CVE-2024-50256 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_reset6() I think the issue is that dev->hard_header_len is zero, and we attempt | |
| CVE-2024-50211 | Low | 3.3 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out ea | |
| CVE-2024-50210 | Med | 5.5 | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the | |
| CVE-2024-50202 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfs_find_entry() Syzbot reported that a task hang occurs in vcs_open() during a fuzzing test for nilfs2. The root cause of this problem is that in nilfs_find_entr | |
| CVE-2024-50199 | Med | 5.5 | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and | |
| CVE-2024-50195 | Med | 5.5 | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tv_sec and tv_nsec range before calling ptp->info->settime | |
| CVE-2024-50166 | Med | 5.5 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes references to of_dev->dev. Not all refer | |
| CVE-2024-50154 | Hig | 7.0 | < 5.14.21-150500.55.91.1 | 5.14.21-150500.55.91.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc | |
| CVE-2024-50151 | Hig | 7.8 | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compound request buffers down for encryp |
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() In mtk_crtc_create(), if the call to mbox_request_channel() fails then we set the "mtk_crtc->cmdq_client.chan" pointer to NULL. In that situat
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop var
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capability add a check to avoid k
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pci_disable_sriov
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that.
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized delayed_work waker in the
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because exp
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIF_SVE set and
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_reset6() I think the issue is that dev->hard_header_len is zero, and we attempt
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out ea
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfs_find_entry() Syzbot reported that a task hang occurs in vcs_open() during a fuzzing test for nilfs2. The root cause of this problem is that in nilfs_find_entr
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tv_sec and tv_nsec range before calling ptp->info->settime
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes references to of_dev->dev. Not all refer
- affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compound request buffers down for encryp
Page 111 of 116