rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42292 | Hig | 7.1 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within | |
| CVE-2024-42283 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (e | |
| CVE-2024-42281 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2]. | |
| CVE-2024-42276 | Med | 5.5 | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference. | |
| CVE-2024-42265 | Med | 5.5 | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec | |
| CVE-2024-42322 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression | ||
| CVE-2024-42320 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti | ||
| CVE-2024-42319 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel | ||
| CVE-2024-42318 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN | ||
| CVE-2024-42315 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all | ||
| CVE-2024-42313 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part | ||
| CVE-2024-42311 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ================================== | ||
| CVE-2024-42310 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on | ||
| CVE-2024-42309 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref | ||
| CVE-2024-42301 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i | ||
| CVE-2024-42295 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block(), triggering a kernel bug. It is not appropriate to | ||
| CVE-2024-42291 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust | ||
| CVE-2024-42289 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array. For all these stale | ||
| CVE-2024-42288 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB | ||
| CVE-2024-42287 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c #PF: supervisor read access in kerne |
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (e
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2].
- affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference.
- affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec
- CVE-2024-42322Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression
- CVE-2024-42320Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti
- CVE-2024-42319Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel
- CVE-2024-42318Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN
- CVE-2024-42315Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all
- CVE-2024-42313Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part
- CVE-2024-42311Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ==================================
- CVE-2024-42310Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on
- CVE-2024-42309Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref
- CVE-2024-42301Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i
- CVE-2024-42295Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block(), triggering a kernel bug. It is not appropriate to
- CVE-2024-42291Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust
- CVE-2024-42289Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array. For all these stale
- CVE-2024-42288Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB
- CVE-2024-42287Aug 17, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c #PF: supervisor read access in kerne
Page 32 of 122