VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server 15 SP4-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS

Vulnerabilities (2,830)

  • CVE-2024-53206Dec 27, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsk_timer_handler(). The cited commit replaced inet_csk_reqsk_queue_drop_and_put() with __inet_csk_reqsk_queue_drop() and reqsk_put() in reqsk_timer_handler(). Then, oreq s

  • CVE-2024-53179Dec 27, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas

  • CVE-2024-53177Dec 27, 2024
    affected < 5.14.21-150400.24.176.1fixed 5.14.21-150400.24.176.1

    In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in

  • CVE-2024-53173Dec 27, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs

  • CVE-2024-53168Dec 27, 2024
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID

  • CVE-2024-53164Dec 27, 2024
    affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t

  • CVE-2024-53156Dec 24, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255

  • CVE-2024-53146Dec 24, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that

  • CVE-2024-53241Dec 24, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati

  • CVE-2024-53240Dec 24, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t

  • CVE-2024-2201MedDec 19, 2024
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

  • CVE-2024-53144Dec 17, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ

  • CVE-2024-53142Dec 6, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG

  • CVE-2024-53141Dec 6, 2024
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f

  • CVE-2024-53135Dec 4, 2024
    affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK

  • CVE-2024-53125Dec 4, 2024
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set:

  • CVE-2024-53104KEVDec 2, 2024
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

  • CVE-2023-52922Nov 28, 2024
    affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

  • CVE-2024-8805Nov 22, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

  • CVE-2024-53095Nov 21, 2024
    affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

Page 91 of 142