suse/kernel-source-coco&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6

Vulnerabilities (2,052)

• CVE-2024-46791Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open The mcp251x_hw_wake() function is called with the mpc_lock mutex held and disables the interrupt handler so that no interrupts can be proces

• CVE-2024-46788Sep 18, 2024
  affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with the interface_lock held. This means that the kthread variable could be unex

• CVE-2024-46787Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmd_trans_huge() check", v2. The pmd_trans_huge() code in mfill_atomic() is wrong in three different ways depending on kernel v

• CVE-2024-46784Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup Currently napi_disable() gets called during rxq and txq cleanup, even before napi is enabled and hrtimer is initialized. It causes kernel pani

• CVE-2024-46782Sep 18, 2024
  affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_exit_net() frees the rhashtable, then call nf_unregister_net_hooks(). It should b

• CVE-2024-46781Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN found a use-after-free bug. It turned out that if data recovery was performed us

• CVE-2024-46780Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also regularly swapped, repla

• CVE-2024-46778Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus if (p->UnboundedReq

• CVE-2024-46777Sep 18, 2024
  affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we

• CVE-2024-46776Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Run DC_LOG_DC after checking link->link_enc [WHAT] The DC_LOG_DC should be run after link->link_enc is checked, not before. This fixes 1 REVERSE_INULL issue reported by Coverity.

• CVE-2024-46775Sep 18, 2024
  affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity.

• CVE-2024-46774Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and '

• CVE-2024-46773Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator pbn_div before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 1 DIVIDE_BY_ZERO issue reported by Coverity.

• CVE-2024-46772Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 2 DIVIDE_BY_ZERO issues reported by Coverity.

• CVE-2024-46771Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcm_connect() below. [0] The repro calls connect() to vxcan1, removes vxcan1, and calls connect() with ifindex == 0. Calli

• CVE-2024-46770Sep 18, 2024
  affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL point

• CVE-2024-46767Sep 18, 2024
  affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing of_node_put() for leds The call of of_get_child_by_name() will cause refcount incremented for leds, if it succeeds, it should call of_node_put() to decrease it, fix it.

• CVE-2024-46766Sep 18, 2024
  affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that is not rtnl-locked when called from the reset. This creates the need to take the

• CVE-2024-46765Sep 18, 2024
  affected < 6.4.0-15061.12.coco15sp6.1fixed 6.4.0-15061.12.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in ice_xdp() is a possible asynchronous PF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset

• CVE-2024-46763Sep 18, 2024
  affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

  In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou