rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48870 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spk_ttyio_release Run the following tests on the qemu platform: syzkaller:~# modprobe speakup_audptr input: Speakup as /devices/virtual/input/input4 initialized device: /d | ||
| CVE-2022-48869 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the | ||
| CVE-2022-48868 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes tha | ||
| CVE-2024-43882 | Hig | 7.0 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer | |
| CVE-2024-43879 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel: | |
| CVE-2024-43871 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele | |
| CVE-2024-43880 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e | ||
| CVE-2024-43873 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un | ||
| CVE-2024-43872 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han | ||
| CVE-2024-43867 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in | ||
| CVE-2024-43866 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W | ||
| CVE-2024-43863 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait-> | ||
| CVE-2024-43861 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | ||
| CVE-2024-43858 | Hig | 7.8 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree | |
| CVE-2024-43856 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to | |
| CVE-2024-43834 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy() If the driver uses a page pool, it creates a page pool with page_pool_create(). The reference count of page pool is 1 as default. A page pool will be destroy | |
| CVE-2024-43830 | Hig | 7.8 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by the activate() callback and | |
| CVE-2024-43828 | Med | 5.5 | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the re | |
| CVE-2024-43860 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Skip over memory region when node value is NULL In imx_rproc_addr_init() "nph = of_count_phandle_with_args()" just counts number of phandles. But phandles may be empty. So of_parse_phandl | ||
| CVE-2024-43854 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. For PI metadata this |
- CVE-2022-48870Aug 21, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spk_ttyio_release Run the following tests on the qemu platform: syzkaller:~# modprobe speakup_audptr input: Speakup as /devices/virtual/input/input4 initialized device: /d
- CVE-2022-48869Aug 21, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the
- CVE-2022-48868Aug 21, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes tha
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel:
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele
- CVE-2024-43880Aug 21, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e
- CVE-2024-43873Aug 21, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un
- CVE-2024-43872Aug 21, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han
- CVE-2024-43867Aug 20, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in
- CVE-2024-43866Aug 20, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W
- CVE-2024-43863Aug 20, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait->
- CVE-2024-43861Aug 20, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy() If the driver uses a page pool, it creates a page pool with page_pool_create(). The reference count of page pool is 1 as default. A page pool will be destroy
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by the activate() callback and
- affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the re
- CVE-2024-43860Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Skip over memory region when node value is NULL In imx_rproc_addr_init() "nph = of_count_phandle_with_args()" just counts number of phandles. But phandles may be empty. So of_parse_phandl
- CVE-2024-43854Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. For PI metadata this
Page 30 of 122