rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-41039		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmw
CVE-2024-41038		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length
CVE-2024-41037		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hw_params_upon_resume(). On Intel platforms with HDA DMA used to manage the link DM
CVE-2024-41036		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq:
CVE-2024-41035		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin
CVE-2024-41032		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps between set CPUs, for example SPARC. In this scenario addr_to_vb_xa() hash func
CVE-2024-41031		—	< 6.4.0-150600.8.17.1	6.4.0-150600.8.17.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: mm/filemap: skip to create PMD-sized page cache if needed On ARM64, HPAGE_PMD_ORDER is 13 when the base page size is 64KB. The PMD-sized page cache can't be supported by xarray as the following error messages
CVE-2024-41028		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is mi
CVE-2024-41025		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is
CVE-2024-41023		—	< 6.4.0-150600.8.20.1	6.4.0-150600.8.20.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak
CVE-2024-41022		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" variable needs to be signed for the error handling to work.
CVE-2024-41020		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p
CVE-2024-41016	Med	5.5	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me
CVE-2024-41017		—	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist.
CVE-2024-41015		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region.
CVE-2024-41014		—	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data. We can create a crafted image to
CVE-2024-41013		—	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to make sure don't stray beyond valid memory region. Before patching, the loop simp
CVE-2024-41091		—	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tun_xdp_one() path, which could cause a corrupted skb to be sent downstack. Even be
CVE-2024-41090		—	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Ev
CVE-2024-41012		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	Jul 23, 2024	In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait(). However, LSMs can allow the first do_lock_file_wait

CVE-2024-41039Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmw
CVE-2024-41038Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length
CVE-2024-41037Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hw_params_upon_resume(). On Intel platforms with HDA DMA used to manage the link DM
CVE-2024-41036Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq:
CVE-2024-41035Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin
CVE-2024-41032Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps between set CPUs, for example SPARC. In this scenario addr_to_vb_xa() hash func
CVE-2024-41031Jul 29, 2024
affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: skip to create PMD-sized page cache if needed On ARM64, HPAGE_PMD_ORDER is 13 when the base page size is 64KB. The PMD-sized page cache can't be supported by xarray as the following error messages
CVE-2024-41028Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is mi
CVE-2024-41025Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is
CVE-2024-41023Jul 29, 2024
affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix task_struct reference leak During the execution of the following stress test with linux-rt: stress-ng --cyclic 30 --timeout 30 --minimize --quiet kmemleak frequently reported a memory leak
CVE-2024-41022Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" variable needs to be signed for the error handling to work.
CVE-2024-41020Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p
CVE-2024-41016MedJul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me
CVE-2024-41017Jul 29, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist.
CVE-2024-41015Jul 29, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region.
CVE-2024-41014Jul 29, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data. We can create a crafted image to
CVE-2024-41013Jul 29, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to make sure don't stray beyond valid memory region. Before patching, the loop simp
CVE-2024-41091Jul 29, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tun_xdp_one() path, which could cause a corrupted skb to be sent downstack. Even be
CVE-2024-41090Jul 29, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Ev
CVE-2024-41012Jul 23, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait(). However, LSMs can allow the first do_lock_file_wait

Page 139 of 189