rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6
Vulnerabilities (3,769)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35977 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). This can trigger a NULL pointer deref | ||
| CVE-2024-35975 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which added support for Round ro | ||
| CVE-2024-35974 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q->blkg_list when calling blkcg_init_ | ||
| CVE-2024-35972 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix | ||
| CVE-2024-35971 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851_irq() thread may call ks8851_rx_pkts() in case there are any packets in the MAC FIFO, which calls netif_rx(). This netif_rx() impleme | ||
| CVE-2024-35970 | — | < 6.4.0-150600.8.8.1 | 6.4.0-150600.8.8.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u->oob_skb. syzkaller started to report deadlock of unix_gc_lock after commit 4090fa373f0e ("af_unix: Replace garbage collection algorithm."), but it just uncovers the bug that has been the | ||
| CVE-2024-35964 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. | ||
| CVE-2024-35963 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input length before copying data. | ||
| CVE-2024-35961 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under devlink lock In case device is having a non fatal FW error during probe, the driver will report the error to user via devlink. This will trigger a WARN_ON, since mlx5 is c | ||
| CVE-2024-35959 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which calls mlx5e_selq_apply() that assures that the `priv->state_lock` is held using lockde | ||
| CVE-2024-35957 | — | < 6.4.0-150600.8.8.1 | 6.4.0-150600.8.8.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each | ||
| CVE-2024-35956 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations Create subvolume, create snapshot and delete subvolume all use btrfs_subvolume_reserve_metadata() to reserve metadata for the changes done to | ||
| CVE-2024-35954 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_put(). sg_device_destroy() is accessing the parent scsi_device request_queue which | ||
| CVE-2024-35953 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in context_xa ivpu_device->context_xa is locked both in kernel thread and IRQ context. It requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization otherwise the lock could be | ||
| CVE-2024-35952 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in ast_dp_set_on_off() that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by | ||
| CVE-2024-35951 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PATCH] drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() If some the pages or sgt allocation failed, we shouldn't re | ||
| CVE-2024-35949 | — | < 6.4.0-150600.8.11.1 | 6.4.0-150600.8.11.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if | ||
| CVE-2024-35944 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detected field-spanning write (size 56) of single field "&dg_info->msg" at drivers/misc/ | |
| CVE-2024-35940 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the poin | |
| CVE-2024-35936 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption, as it could be caused only by two impossible conditions: - at first |
- CVE-2024-35977May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). This can trigger a NULL pointer deref
- CVE-2024-35975May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which added support for Round ro
- CVE-2024-35974May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q->blkg_list when calling blkcg_init_
- CVE-2024-35972May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix
- CVE-2024-35971May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851_irq() thread may call ks8851_rx_pkts() in case there are any packets in the MAC FIFO, which calls netif_rx(). This netif_rx() impleme
- CVE-2024-35970May 20, 2024affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u->oob_skb. syzkaller started to report deadlock of unix_gc_lock after commit 4090fa373f0e ("af_unix: Replace garbage collection algorithm."), but it just uncovers the bug that has been the
- CVE-2024-35964May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data.
- CVE-2024-35963May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Fix not validating setsockopt user input Check user input length before copying data.
- CVE-2024-35961May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under devlink lock In case device is having a non fatal FW error during probe, the driver will report the error to user via devlink. This will trigger a WARN_ON, since mlx5 is c
- CVE-2024-35959May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which calls mlx5e_selq_apply() that assures that the `priv->state_lock` is held using lockde
- CVE-2024-35957May 20, 2024affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARN_ON in iommu probe path Commit 1a75cc710b95 ("iommu/vt-d: Use rbtree to track iommu probed devices") adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each
- CVE-2024-35956May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations Create subvolume, create snapshot and delete subvolume all use btrfs_subvolume_reserve_metadata() to reserve metadata for the changes done to
- CVE-2024-35954May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_put(). sg_device_destroy() is accessing the parent scsi_device request_queue which
- CVE-2024-35953May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in context_xa ivpu_device->context_xa is locked both in kernel thread and IRQ context. It requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization otherwise the lock could be
- CVE-2024-35952May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in ast_dp_set_on_off() that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by
- CVE-2024-35951May 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() Subject: [PATCH] drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() If some the pages or sgt allocation failed, we shouldn't re
- CVE-2024-35949May 20, 2024affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detected field-spanning write (size 56) of single field "&dg_info->msg" at drivers/misc/
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the poin
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption, as it could be caused only by two impossible conditions: - at first
Page 165 of 189