rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Module for Development Tools 15 SP6
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6
Vulnerabilities (3,752)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26764 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c: | ||
| CVE-2024-26761 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist | ||
| CVE-2024-26760 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree(). | ||
| CVE-2024-26759 | — | < 6.4.0-150600.23.25.1 | 6.4.0-150600.23.25.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) | ||
| CVE-2024-26758 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't | ||
| CVE-2024-26742 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs t | ||
| CVE-2024-26741 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->ics | ||
| CVE-2024-26740 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run | ||
| CVE-2024-26739 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod | ||
| CVE-2024-26737 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_and_free and bpf_timer_cancel. It will lead a UAF on the timer->timer. bpf_timer_c | ||
| CVE-2024-26735 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family. | ||
| CVE-2024-26734 | — | < 6.4.0-150600.23.17.1 | 6.4.0-150600.23.17.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in | ||
| CVE-2024-26733 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr | ||
| CVE-2024-26731 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 | ||
| CVE-2023-52641 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() It is preferable to exit through the out: label because internal debugging functions are located there. | ||
| CVE-2023-52640 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea. | ||
| CVE-2024-26726 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start | ||
| CVE-2024-26714 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of | ||
| CVE-2024-26708 | — | < 6.4.0-150600.23.42.1 | 6.4.0-150600.23.42.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change a | ||
| CVE-2024-26704 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat |
- CVE-2024-26764Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:
- CVE-2024-26761Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist
- CVE-2024-26760Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree().
- CVE-2024-26759Apr 3, 2024affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1
In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0)
- CVE-2024-26758Apr 3, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't
- CVE-2024-26742Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs t
- CVE-2024-26741Apr 3, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->ics
- CVE-2024-26740Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run
- CVE-2024-26739Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod
- CVE-2024-26737Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_and_free and bpf_timer_cancel. It will lead a UAF on the timer->timer. bpf_timer_c
- CVE-2024-26735Apr 3, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family.
- CVE-2024-26734Apr 3, 2024affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1
In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in
- CVE-2024-26733Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr
- CVE-2024-26731Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000
- CVE-2023-52641Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() It is preferable to exit through the out: label because internal debugging functions are located there.
- CVE-2023-52640Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea.
- CVE-2024-26726Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start
- CVE-2024-26714Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of
- CVE-2024-26708Apr 3, 2024affected < 6.4.0-150600.23.42.1fixed 6.4.0-150600.23.42.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change a
- CVE-2024-26704Apr 3, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat
Page 184 of 188