rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7
Vulnerabilities (2,117)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35910 | Med | 5.8 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o | |
| CVE-2024-35840 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp | ||
| CVE-2024-27415 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) | ||
| CVE-2024-27018 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This pa | ||
| CVE-2024-27005 | — | < 6.4.0-150700.20.27.1 | 6.4.0-150700.20.27.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately prote | ||
| CVE-2024-26944 | — | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe | ||
| CVE-2024-26831 | — | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req | ||
| CVE-2024-26762 | — | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from | ||
| CVE-2024-26661 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg | ||
| CVE-2024-26584 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | ||
| CVE-2023-39197 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Jan 23, 2024 | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | ||
| CVE-2023-5633 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Oct 23, 2023 | The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp | ||
| CVE-2023-42752 | — | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | Oct 13, 2023 | An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. | ||
| CVE-2023-42753 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Sep 25, 2023 | An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss | ||
| CVE-2023-3772 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Jul 25, 2023 | A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s | ||
| CVE-2023-31248 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Jul 5, 2023 | Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace | ||
| CVE-2019-11135 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. |
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o
- CVE-2024-35840May 17, 2024affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp
- CVE-2024-27415May 17, 2024affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)
- CVE-2024-27018May 1, 2024affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This pa
- CVE-2024-27005May 1, 2024affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1
In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately prote
- CVE-2024-26944May 1, 2024affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe
- CVE-2024-26831Apr 17, 2024affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req
- CVE-2024-26762Apr 3, 2024affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from
- CVE-2024-26661Apr 2, 2024affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
- CVE-2024-26584Feb 21, 2024affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- CVE-2023-39197Jan 23, 2024affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
- CVE-2023-5633Oct 23, 2023affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp
- CVE-2023-42752Oct 13, 2023affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.
- CVE-2023-42753Sep 25, 2023affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
- CVE-2023-3772Jul 25, 2023affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s
- CVE-2023-31248Jul 5, 2023affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
- CVE-2019-11135Nov 14, 2019affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Page 106 of 106