rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-44939 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000 | ||
| CVE-2024-44938 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop direc | ||
| CVE-2024-44935 | Med | 5.5 | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, | |
| CVE-2024-43902 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity. | |
| CVE-2024-43893 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor | |
| CVE-2024-43890 | Med | 5.5 | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum n | |
| CVE-2024-43889 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. [ 10.017908] Oops: divide error: 0000 1 PREEMPT SMP NOPT | |
| CVE-2024-44932 | — | < 5.14.21-150500.33.75.1 | 5.14.21-150500.33.75.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs from net/core/page_pool.c:page_pool_disable_direct_recycling(). Turned out idpf fr | ||
| CVE-2024-44931 | — | < 5.14.21-150500.33.72.1 | 5.14.21-150500.33.72.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an of | ||
| CVE-2024-43914 | — | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUG_ON() can b | ||
| CVE-2024-43912 | — | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels is | ||
| CVE-2024-43909 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. | ||
| CVE-2024-43908 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it | ||
| CVE-2024-43907 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference | ||
| CVE-2024-43905 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference. | ||
| CVE-2024-43904 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These var | ||
| CVE-2024-43900 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the mo | ||
| CVE-2024-43899 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20_resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all and then enabling fullscreen playback ( | ||
| CVE-2024-43897 | — | < 5.14.21-150500.33.75.1 | 5.14.21-150500.33.75.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_N | ||
| CVE-2024-43894 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drm_client_modeset_probe In drm_client_modeset_probe(), the return value of drm_mode_duplicate() is assigned to modeset->mode, which will lead to a possible NULL poin |
- CVE-2024-44939Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000
- CVE-2024-44938Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop direc
- affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then,
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor
- affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum n
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. [ 10.017908] Oops: divide error: 0000 1 PREEMPT SMP NOPT
- CVE-2024-44932Aug 26, 2024affected < 5.14.21-150500.33.75.1fixed 5.14.21-150500.33.75.1
In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes (very rarely, but possible) throwing WARNs from net/core/page_pool.c:page_pool_disable_direct_recycling(). Turned out idpf fr
- CVE-2024-44931Aug 26, 2024affected < 5.14.21-150500.33.72.1fixed 5.14.21-150500.33.72.1
In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an of
- CVE-2024-43914Aug 26, 2024affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUG_ON() can b
- CVE-2024-43912Aug 26, 2024affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels is
- CVE-2024-43909Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table.
- CVE-2024-43908Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it
- CVE-2024-43907Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference
- CVE-2024-43905Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference.
- CVE-2024-43904Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These var
- CVE-2024-43900Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the mo
- CVE-2024-43899Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20_resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all and then enabling fullscreen playback (
- CVE-2024-43897Aug 26, 2024affected < 5.14.21-150500.33.75.1fixed 5.14.21-150500.33.75.1
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_N
- CVE-2024-43894Aug 26, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drm_client_modeset_probe In drm_client_modeset_probe(), the return value of drm_mode_duplicate() is assigned to modeset->mode, which will lead to a possible NULL poin
Page 25 of 122