VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Module for Development Tools 15 SP6

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6

Vulnerabilities (3,752)

  • CVE-2024-26809Apr 4, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the lookup table, use it to destroy the set, otherwise it is possible to destroy eleme

  • CVE-2024-26808Apr 4, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic

  • CVE-2024-26807Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c

  • CVE-2024-26805Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar

  • CVE-2024-26804Apr 4, 2024
    affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1

    In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr

  • CVE-2024-26802Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does

  • CVE-2024-26793Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h

  • CVE-2024-26791Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou

  • CVE-2024-26786Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug Syzkaller reported the following WARN_ON: WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360 Call Trace: iommufd_access_change_ioas+0x2

  • CVE-2024-26785Apr 4, 2024
    affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufd_test_syz_conv_iova Syzkaller reported the following bug: general protection fault, probably for non-canonical address 0xdffffc0000000038: 0000 [#1] SMP KASAN KASAN:

  • CVE-2024-26783Apr 4, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the followi

  • CVE-2024-26782Apr 4, 2024
    affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin

  • CVE-2024-26780Apr 4, 2024
    affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix task hung while purging oob_skb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in list_for_each_entry_safe() for OOB skb. [0] syzbot demonstrated that the list_fo

  • CVE-2024-26750Apr 4, 2024
    affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Drop oob_skb ref before purging queue in GC. syzbot reported another task hung in __unix_gc(). [0] The current while loop assumes that all of the left candidates have oob_skb and calling kfree_skb(oo

  • CVE-2024-26775Apr 3, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1

  • CVE-2024-26774Apr 3, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap

  • CVE-2024-26773Apr 3, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a

  • CVE-2024-26772Apr 3, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating block

  • CVE-2024-26769Apr 3, 2024
    affected < 6.4.0-150600.23.7.1fixed 6.4.0-150600.23.7.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work in

  • CVE-2024-26767Apr 3, 2024
    affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check

Page 183 of 188