VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Vulnerabilities (2,432)

  • CVE-2024-42131Jul 30, 2024
    affected < 5.14.21-150500.33.75.1fixed 5.14.21-150500.33.75.1

    In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits).

  • CVE-2024-42127Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and th

  • CVE-2024-42126Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int

  • CVE-2024-42124Jul 30, 2024
    affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. This results in BUG_ON() when running an RT kernel. [ 659.343280] BUG: using sm

  • CVE-2024-42122Jul 30, 2024
    affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer check for kzalloc [Why & How] Check return pointer of kzalloc before using it.

  • CVE-2024-42121Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT] msg_id is used as an array index and it cannot be a negative value, and therefore cannot be equal to MOD_HDCP_MESSAGE_ID_INVALID (-1). [HOW] Chec

  • CVE-2024-42120Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity.

  • CVE-2024-42119Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Sk

  • CVE-2024-42115Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2_free_inode During the stress testing of the jffs2 file system,the following abnormal printouts were found: [ 2430.649000] Unable to handle kernel paging requ

  • CVE-2024-42110Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA) dmanegine as the data mover for ntb_transport that ntb_netdev uses. [74412.5469

  • CVE-2024-42107Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the i

  • CVE-2024-42106Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2 KMSAN reported uninit-value access in raw_lookup() [1]. Diag for raw sockets uses the pad field in struct inet_diag_req_v2 for the underlying protocol.

  • CVE-2024-42105Jul 30, 2024
    affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix inode number range checks Patch series "nilfs2: fix potential issues related to reserved inodes". This series fixes one use-after-free issue reported by syzbot, caused by nilfs2's internal inode be

  • CVE-2024-42104Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file in

  • CVE-2024-42101Jul 30, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes In nouveau_connector_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointe

  • CVE-2024-42097MedJul 29, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In load_data(), make the validation of and skipping over the main info block match that in load_guspatch(). In load_guspatch(), add checking that the specified p

  • CVE-2024-42096MedJul 29, 2024
    affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1

    In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc() The 'profile_pc()' function is used for timer-based profiling, which isn't really all that relevant any more to begin with, but it also ends up making assumptions b

  • CVE-2024-42093HigJul 29, 2024
    affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1

    In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow.

  • CVE-2024-42098Jul 29, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: ecdh - explicitly zeroize private_key private_key is overwritten with the key parameter passed in by the caller (if present), or alternatively a newly generated private key. However, it is possible that

  • CVE-2024-42095Jul 29, 2024
    affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250_omap: Implementation of Errata i2310 As per Errata i2310[0], Erroneous timeout can be triggered, if this Erroneous interrupt is not cleared then it may leads to storm of interrupts, therefore apply

Page 35 of 122