VYPR

rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

  • CVE-2024-44982Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails If the dpu_format_populate_layout() fails, then FB is prepared, but not cleaned up. This ends up leaking the pin_count on the GEM object and causes a

  • CVE-2024-44960MedSep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn't properly set

  • CVE-2024-44948MedSep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed variant has a separate ca

  • CVE-2024-44971Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() bcm_sf2_mdio_register() calls of_phy_find_device() and then phy_device_remove() in a loop to remove existing PHY devices. of_phy_find_dev

  • CVE-2024-44970Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from the WQ linked list (mlx5_wq_ll_pop()). For SHAMPO, it is possible to receive CQEs

  • CVE-2024-44969Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or fir

  • CVE-2024-44967Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devm_add_action_or_reset() will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so thi

  • CVE-2024-44965Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then #DF from the stack g

  • CVE-2024-44964Sep 4, 2024
    affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring q_vector->vport pointers after reinitializating the structures. This is due to

  • CVE-2024-44963Sep 4, 2024
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() when freeing tree block after error When freeing a tree block, at btrfs_free_tree_block(), if we fail to create a delayed reference we don't deal with the error and just do a BUG_ON(). Th

  • CVE-2024-44962Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading When unload the btnxpuart driver, its associated timer will be deleted. If the timer happens to be modified at this moment, it lea

  • CVE-2024-44961Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Forward soft recovery errors to userspace As we discussed before[1], soft recovery should be forwarded to userspace, or we can get into a really bad state where apps will keep submitting hanging com

  • CVE-2024-44958Sep 4, 2024
    affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1

    In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_de

  • CVE-2024-44954Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by s

  • CVE-2024-44951Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the

  • CVE-2024-44950Sep 4, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix invalid FIFO access with special register set When enabling access to the special register set, Receiver time-out and RHR interrupts can happen. In this case, the IRQ handler will try to

  • CVE-2024-44947Sep 2, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable page zeroing (because it can be used to change partial page contents). So fuse_

  • CVE-2024-44946Aug 31, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). [0] The scenario is 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb. 2. Thread A resumes building s

  • CVE-2024-44944MedAug 30, 2024
    affected < 6.4.0-150600.8.14.1fixed 6.4.0-150600.8.14.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expecta

  • CVE-2024-44939Aug 26, 2024
    affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000

Page 125 of 189