rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Real Time 12 SP5

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Vulnerabilities (1,429)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-42093	Hig	7.3	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow.
CVE-2024-42090	Med	5.5	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER In create_pinctrl(), pinctrl_maps_mutex is acquired before calling add_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl() c
CVE-2024-42082	Med	5.5	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from __xdp_reg_mem_model() syzkaller reports a warning in __xdp_reg_mem_model(). The warning occurs only if __mem_id_init_hash_table() returns an error. It returns the error in two cases:
CVE-2024-42070	Med	5.5	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERD
CVE-2024-42077		—	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2_dio_end_io_write() estimates number of necessary transaction credits using ocfs2_calc_extend_credits(). This however does not ta
CVE-2024-41098		—	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ata_port_alloc() call in ata_host_alloc() fails, ata_host_release() will get called. However, the code in ata_host_release() tries to free ata_por
CVE-2024-41097		—	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be u
CVE-2024-41095		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der
CVE-2024-41089		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der
CVE-2024-41087		—	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri
CVE-2024-41082		—	< 4.12.14-10.203.1	4.12.14-10.203.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of admin_q. If a reset (nvm
CVE-2024-41081		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunne
CVE-2024-41079		—	< 4.12.14-10.203.1	4.12.14-10.203.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar
CVE-2024-41078		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix quota root leak after quota disable failure If during the quota disable we fail when cleaning the quota tree or when deleting the root from the root tree, we jump to the 'out' label without e
CVE-2024-41076		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label We leak nfs_fattr and nfs4_label every time we set a security xattr.
CVE-2024-41073		—	< 4.12.14-10.203.1	4.12.14-10.203.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQF_SPECIAL_LOAD when the re
CVE-2024-41072		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and r
CVE-2024-41070		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Al reported a possible use-after-free (UAF) in kvm_spapr_tce_attach_iommu_group(). It looks up `stt` from tablefd, but then continues to u
CVE-2024-41068		—	< 4.12.14-10.200.1	4.12.14-10.200.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclp_init() cleanup on failure If sclp_init() fails it only partially cleans up: if there are multiple failing calls to sclp_init() sclp_state_change_event will be added several times to sclp_reg
CVE-2024-41066		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: tx_buff[free_map[consumer_index]]->skb = new_skb; free_map[consumer_index] =

CVE-2024-42093HigJul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow.
CVE-2024-42090MedJul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER In create_pinctrl(), pinctrl_maps_mutex is acquired before calling add_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl() c
CVE-2024-42082MedJul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from __xdp_reg_mem_model() syzkaller reports a warning in __xdp_reg_mem_model(). The warning occurs only if __mem_id_init_hash_table() returns an error. It returns the error in two cases:
CVE-2024-42070MedJul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERD
CVE-2024-42077Jul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2_dio_end_io_write() estimates number of necessary transaction credits using ocfs2_calc_extend_credits(). This however does not ta
CVE-2024-41098Jul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ata_port_alloc() call in ata_host_alloc() fails, ata_host_release() will get called. However, the code in ata_host_release() tries to free ata_por
CVE-2024-41097Jul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be u
CVE-2024-41095Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der
CVE-2024-41089Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der
CVE-2024-41087Jul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri
CVE-2024-41082Jul 29, 2024
affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of admin_q. If a reset (nvm
CVE-2024-41081Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunne
CVE-2024-41079Jul 29, 2024
affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar
CVE-2024-41078Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix quota root leak after quota disable failure If during the quota disable we fail when cleaning the quota tree or when deleting the root from the root tree, we jump to the 'out' label without e
CVE-2024-41076Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label We leak nfs_fattr and nfs4_label every time we set a security xattr.
CVE-2024-41073Jul 29, 2024
affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQF_SPECIAL_LOAD when the re
CVE-2024-41072Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and r
CVE-2024-41070Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Al reported a possible use-after-free (UAF) in kvm_spapr_tce_attach_iommu_group(). It looks up `stt` from tablefd, but then continues to u
CVE-2024-41068Jul 29, 2024
affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclp_init() cleanup on failure If sclp_init() fails it only partially cleans up: if there are multiple failing calls to sclp_init() sclp_state_change_event will be added several times to sclp_reg
CVE-2024-41066Jul 29, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: tx_buff[free_map[consumer_index]]->skb = new_skb; free_map[consumer_index] =

Page 8 of 72