rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-46778 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus if (p->UnboundedReq | ||
| CVE-2024-46777 | — | < 5.14.21-150500.13.76.1 | 5.14.21-150500.13.76.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we | ||
| CVE-2024-46775 | — | < 5.14.21-150500.13.76.1 | 5.14.21-150500.13.76.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity. | ||
| CVE-2024-46774 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and ' | ||
| CVE-2024-46773 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator pbn_div before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 1 DIVIDE_BY_ZERO issue reported by Coverity. | ||
| CVE-2024-46772 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 2 DIVIDE_BY_ZERO issues reported by Coverity. | ||
| CVE-2024-46771 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcm_connect() below. [0] The repro calls connect() to vxcan1, removes vxcan1, and calls connect() with ifindex == 0. Calli | ||
| CVE-2024-46763 | — | < 5.14.21-150500.13.94.1 | 5.14.21-150500.13.94.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou | ||
| CVE-2024-46761 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel crash when we try to hot-unplug/disable the PCIe switch/bridge from the PHB. The | ||
| CVE-2024-46755 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if the priv is actually cur | ||
| CVE-2024-46754 | — | < 5.14.21-150500.13.76.1 | 5.14.21-150500.13.76.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau | ||
| CVE-2024-46753 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref(). This is incorrect, we have proper error handling here, return the error. | ||
| CVE-2024-46752 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the r | ||
| CVE-2024-46751 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an error message. | ||
| CVE-2024-46747 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup for the Cougar 500k Gaming Keyboard was not verifying that the report descriptor size was correct before accessing it | ||
| CVE-2024-46739 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind For primary VM Bus channels, primary_channel pointer is always NULL. This pointer is valid only for the secondary channels. Also, rescind ca | ||
| CVE-2024-46738 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the resource handle by compar | ||
| CVE-2024-46737 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds() the kernel crashes in nvmet_tcp_release_queue_work() because of a NULL pointer dereference. | ||
| CVE-2024-46732 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments | ||
| CVE-2024-46731 | — | < 5.14.21-150500.13.73.1 | 5.14.21-150500.13.73.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0. |
- CVE-2024-46778Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus if (p->UnboundedReq
- CVE-2024-46777Sep 18, 2024affected < 5.14.21-150500.13.76.1fixed 5.14.21-150500.13.76.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we
- CVE-2024-46775Sep 18, 2024affected < 5.14.21-150500.13.76.1fixed 5.14.21-150500.13.76.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity.
- CVE-2024-46774Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and '
- CVE-2024-46773Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator pbn_div before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 1 DIVIDE_BY_ZERO issue reported by Coverity.
- CVE-2024-46772Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 2 DIVIDE_BY_ZERO issues reported by Coverity.
- CVE-2024-46771Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcm_connect() below. [0] The repro calls connect() to vxcan1, removes vxcan1, and calls connect() with ifindex == 0. Calli
- CVE-2024-46763Sep 18, 2024affected < 5.14.21-150500.13.94.1fixed 5.14.21-150500.13.94.1
In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou
- CVE-2024-46761Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel crash when we try to hot-unplug/disable the PCIe switch/bridge from the PHB. The
- CVE-2024-46755Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if the priv is actually cur
- CVE-2024-46754Sep 18, 2024affected < 5.14.21-150500.13.76.1fixed 5.14.21-150500.13.76.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau
- CVE-2024-46753Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref(). This is incorrect, we have proper error handling here, return the error.
- CVE-2024-46752Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the r
- CVE-2024-46751Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an error message.
- CVE-2024-46747Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup for the Cougar 500k Gaming Keyboard was not verifying that the report descriptor size was correct before accessing it
- CVE-2024-46739Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind For primary VM Bus channels, primary_channel pointer is always NULL. This pointer is valid only for the secondary channels. Also, rescind ca
- CVE-2024-46738Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the resource handle by compar
- CVE-2024-46737Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds() the kernel crashes in nvmet_tcp_release_queue_work() because of a NULL pointer dereference.
- CVE-2024-46732Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments
- CVE-2024-46731Sep 18, 2024affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0.
Page 132 of 228