rpm package

suse/kernel-source-rt&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (4,438)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-26635		—	< 6.4.0-9.1	6.4.0-9.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b
CVE-2024-26634		—	< 6.4.0-28.1	6.4.0-28.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunde
CVE-2023-52616		—	< 6.4.0-9.1	6.4.0-9.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init When the mpi_ec_ctx structure is initialized, some fields are not cleared, causing a crash when referencing the field when the structure was releas
CVE-2024-26633		—	< 6.4.0-9.1	6.4.0-9.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea
CVE-2024-26632		—	< 6.4.0-9.1	6.4.0-9.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we've reached the end of th
CVE-2024-26631		—	< 6.4.0-10.1	6.4.0-10.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work idev->mc_ifc_count can be written over without proper locking. Originally found by syzbot [1], fix this issue by encapsulating calls to mld_ifc_stop_wo
CVE-2023-52610		—	< 6.4.0-11.1	6.4.0-11.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph w
CVE-2024-26625		—	< 6.4.0-9.1	6.4.0-9.1	Mar 6, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after cal
CVE-2024-26623		—	< 6.4.0-9.1	6.4.0-9.1	Mar 6, 2024	In the Linux kernel, the following vulnerability has been resolved: pds_core: Prevent race issues involving the adminq There are multiple paths that can result in using the pdsc's adminq. [1] pdsc_adminq_isr and the resulting work from queue_work(), i.e. pdsc_work_thread()
CVE-2023-52591		—	< 6.4.0-25.1	6.4.0-25.1	Mar 6, 2024	In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if
CVE-2023-52581		—	< 6.4.0-10.1	6.4.0-10.1	Mar 2, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before
CVE-2024-26615		—	< 6.4.0-9.1	6.4.0-9.1	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
CVE-2024-26611		—	< 6.4.0-9.1	6.4.0-9.1	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256]
CVE-2023-52489		—	< 6.4.0-10.1	6.4.0-10.1	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA
CVE-2023-52483		—	< 6.4.0-9.1	6.4.0-9.1	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: mctp: perform route lookups under a RCU read-side lock Our current route lookups (mctp_route_lookup and mctp_route_lookup_null) traverse the net's route list without the RCU read lock held. This means the route
CVE-2023-52472		—	< 6.4.0-9.1	6.4.0-9.1	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in
CVE-2024-26596	Med	5.5	< 6.4.0-22.1	6.4.0-22.1	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy
CVE-2023-52463		—	< 6.4.0-25.1	6.4.0-25.1	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as
CVE-2024-26590		—	< 6.4.0-10.1	6.4.0-10.1	Feb 22, 2024	In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initiali
CVE-2024-26584		—	< 6.4.0-37.1	6.4.0-37.1	Feb 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

CVE-2024-26635Mar 18, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b
CVE-2024-26634Mar 18, 2024
affected < 6.4.0-28.1fixed 6.4.0-28.1
In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunde
CVE-2023-52616Mar 18, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init When the mpi_ec_ctx structure is initialized, some fields are not cleared, causing a crash when referencing the field when the structure was releas
CVE-2024-26633Mar 18, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea
CVE-2024-26632Mar 18, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we've reached the end of th
CVE-2024-26631Mar 18, 2024
affected < 6.4.0-10.1fixed 6.4.0-10.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work idev->mc_ifc_count can be written over without proper locking. Originally found by syzbot [1], fix this issue by encapsulating calls to mld_ifc_stop_wo
CVE-2023-52610Mar 18, 2024
affected < 6.4.0-11.1fixed 6.4.0-11.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph w
CVE-2024-26625Mar 6, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after cal
CVE-2024-26623Mar 6, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: pds_core: Prevent race issues involving the adminq There are multiple paths that can result in using the pdsc's adminq. [1] pdsc_adminq_isr and the resulting work from queue_work(), i.e. pdsc_work_thread()
CVE-2023-52591Mar 6, 2024
affected < 6.4.0-25.1fixed 6.4.0-25.1
In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if
CVE-2023-52581Mar 2, 2024
affected < 6.4.0-10.1fixed 6.4.0-10.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before
CVE-2024-26615Feb 29, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
CVE-2024-26611Feb 29, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256]
CVE-2023-52489Feb 29, 2024
affected < 6.4.0-10.1fixed 6.4.0-10.1
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA
CVE-2023-52483Feb 29, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: mctp: perform route lookups under a RCU read-side lock Our current route lookups (mctp_route_lookup and mctp_route_lookup_null) traverse the net's route list without the RCU read lock held. This means the route
CVE-2023-52472Feb 25, 2024
affected < 6.4.0-9.1fixed 6.4.0-9.1
In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in
CVE-2024-26596MedFeb 23, 2024
affected < 6.4.0-22.1fixed 6.4.0-22.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy
CVE-2023-52463Feb 23, 2024
affected < 6.4.0-25.1fixed 6.4.0-25.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as
CVE-2024-26590Feb 22, 2024
affected < 6.4.0-10.1fixed 6.4.0-10.1
In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initiali
CVE-2024-26584Feb 21, 2024
affected < 6.4.0-37.1fixed 6.4.0-37.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

Page 221 of 222