rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6
Vulnerabilities (3,769)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-46693 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink: Fix race during initialization As pointed out by Stephen Boyd it is possible that during initialization of the pmic_glink child drivers, the protection-domain notifiers fires, and the ass | ||
| CVE-2024-46692 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark get_wq_ctx() as atomic call Currently get_wq_ctx() is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls get_wq_ctx() to resume the c | ||
| CVE-2024-46691 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move unregister out of atomic section Commit '9329933699b3 ("soc: qcom: pmic_glink: Make client-lock non-sleeping")' moved the pmic_glink client list under a spinlock, as it is accessed by the | ||
| CVE-2024-46689 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into | ||
| CVE-2024-46687 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BUG: KASAN: slab-use-after- | ||
| CVE-2024-46686 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold. | ||
| CVE-2024-46685 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of poi | ||
| CVE-2024-46681 | — | < 6.4.0-150600.8.20.1 | 6.4.0-150600.8.20.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpus_read_lock() in pg_net_init() I have seen the WARN_ON(smp_processor_id() != cpu) firing in pktgen_thread_worker() during tests. We must use cpus_read_lock()/cpus_read_unlock() around the for_ea | ||
| CVE-2024-46680 | — | < 6.4.0-150600.8.20.1 | 6.4.0-150600.8.20.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix random crash seen while removing driver This fixes the random kernel crash seen while removing the driver, when running the load/unload test over multiple iterations. 1) modprobe btnx | ||
| CVE-2024-46678 | — | < 6.4.0-150600.8.17.1 | 6.4.0-150600.8.17.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xdo_dev_state_add and xdo_dev_state_delete are called inside this lock. As ipsec_lo | ||
| CVE-2024-46677 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it | ||
| CVE-2024-46676 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination successfully passes the check 'if (!im_protocols && !tm_protocols)' in the nfc_start_p | ||
| CVE-2024-46675 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing S | ||
| CVE-2024-46674 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undo_platform_dev_alloc" is entirely bogus. It drops t | ||
| CVE-2024-46673 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aa | ||
| CVE-2024-45018 | Med | 5.5 | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload. | |
| CVE-2024-45016 | Med | 5.5 | < 6.4.0-150600.8.17.1 | 6.4.0-150600.8.17.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free. | |
| CVE-2024-46672 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wpa_supplicant 2.11 sends since 1efdba5fdc2c ("Handle PMKSA flush in the driver for SAE/OWE offload cases") SSID based PMKSA del commands. brcmfmac is | ||
| CVE-2024-45030 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: igb: cope with large MAX_SKB_FRAGS Sabrina reports that the igb driver does not cope well with large MAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload corruption on TX. An easy reproducer is to ru | ||
| CVE-2024-45029 | — | < 6.4.0-150600.8.14.1 | 6.4.0-150600.8.14.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to the following bug: BUG: sleeping functi |
- CVE-2024-46693Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink: Fix race during initialization As pointed out by Stephen Boyd it is possible that during initialization of the pmic_glink child drivers, the protection-domain notifiers fires, and the ass
- CVE-2024-46692Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark get_wq_ctx() as atomic call Currently get_wq_ctx() is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls get_wq_ctx() to resume the c
- CVE-2024-46691Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move unregister out of atomic section Commit '9329933699b3 ("soc: qcom: pmic_glink: Make client-lock non-sleeping")' moved the pmic_glink client list under a spinlock, as it is accessed by the
- CVE-2024-46689Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into
- CVE-2024-46687Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BUG: KASAN: slab-use-after-
- CVE-2024-46686Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold.
- CVE-2024-46685Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of poi
- CVE-2024-46681Sep 13, 2024affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1
In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpus_read_lock() in pg_net_init() I have seen the WARN_ON(smp_processor_id() != cpu) firing in pktgen_thread_worker() during tests. We must use cpus_read_lock()/cpus_read_unlock() around the for_ea
- CVE-2024-46680Sep 13, 2024affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix random crash seen while removing driver This fixes the random kernel crash seen while removing the driver, when running the load/unload test over multiple iterations. 1) modprobe btnx
- CVE-2024-46678Sep 13, 2024affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xdo_dev_state_add and xdo_dev_state_delete are called inside this lock. As ipsec_lo
- CVE-2024-46677Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it
- CVE-2024-46676Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination successfully passes the check 'if (!im_protocols && !tm_protocols)' in the nfc_start_p
- CVE-2024-46675Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing S
- CVE-2024-46674Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undo_platform_dev_alloc" is entirely bogus. It drops t
- CVE-2024-46673Sep 13, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aa
- affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload.
- affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1
In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.
- CVE-2024-46672Sep 11, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wpa_supplicant 2.11 sends since 1efdba5fdc2c ("Handle PMKSA flush in the driver for SAE/OWE offload cases") SSID based PMKSA del commands. brcmfmac is
- CVE-2024-45030Sep 11, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: igb: cope with large MAX_SKB_FRAGS Sabrina reports that the igb driver does not cope well with large MAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload corruption on TX. An easy reproducer is to ru
- CVE-2024-45029Sep 11, 2024affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to the following bug: BUG: sleeping functi
Page 122 of 189