suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

Vulnerabilities (2,117)

• CVE-2024-56613Dec 27, 2024
  affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

  In the Linux kernel, the following vulnerability has been resolved: sched/numa: fix memory leak due to the overwritten vma->numab_state [Problem Description] When running the hackbench program of LTP, the following memory leak is reported by kmemleak. # /opt/ltp/testcases/bi

• CVE-2024-56541Dec 27, 2024
  affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() During ath12k module removal, in ath12k_core_deinit(), ath12k_mac_destroy() un-registers ah->hw from mac80211 and frees the ah->hw as well as all the a

• CVE-2024-53163Dec 24, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an out of bounds access.

• CVE-2024-53149Dec 24, 2024
  affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

  In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing

• CVE-2024-53140Dec 4, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual

• CVE-2024-53139Dec 4, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: sctp: fix possible UAF in sctp_v6_available() A lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints that sctp_v6_available() is calling dev_get_by_index_rcu() and ipv6_chk_addr() without holding rcu. [1] ==

• CVE-2024-53124MedDec 2, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules

• CVE-2024-53057HigNov 19, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

• CVE-2024-53070Nov 19, 2024
  affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

  In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. A

• CVE-2024-53063Nov 19, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_

• CVE-2024-50293Nov 19, 2024
  affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in __smc_create() Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found an issue with AF_SMC: smc_cr

• CVE-2024-50290Nov 19, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that.

• CVE-2024-50223Nov 9, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null pointer dereference error in task_numa_work(). Here is the backtrace: [323676.0

• CVE-2024-50140Nov 7, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function c

• CVE-2024-50126Nov 5, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6

• CVE-2024-50106Nov 5, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has exp

• CVE-2024-50083Oct 29, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. ------------[ c

• CVE-2024-50056Oct 21, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/functio

• CVE-2024-50038Oct 21, 2024
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_tab

• CVE-2024-50034Oct 21, 2024
  affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC Eric report a panic on IPPROTO_SMC, and give the facts that when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel