rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6
Vulnerabilities (3,769)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35784 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock with fiemap and extent locking While working on the patchset to remove extent locking I got a lockdep splat with fiemap and pagefaulting with my new extent lock replacement lock. This deadl | ||
| CVE-2024-27431 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdp_rxq_info data structure being used in the xdp_b | |
| CVE-2024-27419 | Med | 4.7 | < 6.4.0-150600.8.8.1 | 6.4.0-150600.8.8.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently. | |
| CVE-2024-27435 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, admin_q reconnect failed forever while remote target and network is ok. After di | ||
| CVE-2024-27434 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK The firmware doesn't need the MFP flag for the GTK, it can even make the firmware crash. in case the AP is configured with: group cipher TKIP and MFPC. We | ||
| CVE-2024-27433 | — | < 6.4.0-150600.8.11.1 | 6.4.0-150600.8.11.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() 'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling mtk_free_clk_data() explicitly in the remove functio | ||
| CVE-2024-27432 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtk_ppe_stop() function, the PPE scan mode is not disabled before disabling the PPE | ||
| CVE-2023-52660 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered d | ||
| CVE-2023-52659 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get los | ||
| CVE-2023-52658 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" This reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b. The revert is required due to the suspicion it is not good for anything and c | ||
| CVE-2024-27418 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctp_local_output Currently, mctp_local_output only takes ownership of skb on success, and we may leak an skb if mctp_local_output fails in specific states; the skb ownership | ||
| CVE-2024-27417 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINV | ||
| CVE-2024-27416 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST If we received HCI_EV_IO_CAPA_REQUEST while HCI_OP_READ_REMOTE_EXT_FEATURES is yet to be responded assume the remote does support SSP since otherwise | ||
| CVE-2024-27415 | — | < 6.4.0-150600.8.37.1 | 6.4.0-150600.8.37.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) | ||
| CVE-2024-27414 | — | < 6.4.0-150600.8.8.1 | 6.4.0-150600.8.8.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back In the commit d73ef2d69c0d ("rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length"), an adjustment was made to the old loop logic in the | ||
| CVE-2024-27413 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In | ||
| CVE-2024-27412 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx-i2c: Do not free non existing IRQ The bq27xxx i2c-client may not have an IRQ, in which case client->irq will be 0. bq27xxx_battery_i2c_probe() already has an if (client->irq) check wrappi | ||
| CVE-2024-27411 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: keep DMA buffers required for suspend/resume Nouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly. This is likely not as big an issue on s | ||
| CVE-2024-27410 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an | ||
| CVE-2024-27408 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell re |
- CVE-2024-35784May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock with fiemap and extent locking While working on the patchset to remove extent locking I got a lockdep splat with fiemap and pagefaulting with my new extent lock replacement lock. This deadl
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdp_rxq_info data structure being used in the xdp_b
- affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.
- CVE-2024-27435May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, admin_q reconnect failed forever while remote target and network is ok. After di
- CVE-2024-27434May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK The firmware doesn't need the MFP flag for the GTK, it can even make the firmware crash. in case the AP is configured with: group cipher TKIP and MFPC. We
- CVE-2024-27433May 17, 2024affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() 'clk_data' is allocated with mtk_devm_alloc_clk_data(). So calling mtk_free_clk_data() explicitly in the remove functio
- CVE-2024-27432May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtk_ppe_stop() function, the PPE scan mode is not disabled before disabling the PPE
- CVE-2023-52660May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered d
- CVE-2023-52659May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get los
- CVE-2023-52658May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" This reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b. The revert is required due to the suspicion it is not good for anything and c
- CVE-2024-27418May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctp_local_output Currently, mctp_local_output only takes ownership of skb on success, and we may leak an skb if mctp_local_output fails in specific states; the skb ownership
- CVE-2024-27417May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINV
- CVE-2024-27416May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST If we received HCI_EV_IO_CAPA_REQUEST while HCI_OP_READ_REMOTE_EXT_FEATURES is yet to be responded assume the remote does support SSP since otherwise
- CVE-2024-27415May 17, 2024affected < 6.4.0-150600.8.37.1fixed 6.4.0-150600.8.37.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)
- CVE-2024-27414May 17, 2024affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back In the commit d73ef2d69c0d ("rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length"), an adjustment was made to the old loop logic in the
- CVE-2024-27413May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In
- CVE-2024-27412May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx-i2c: Do not free non existing IRQ The bq27xxx i2c-client may not have an IRQ, in which case client->irq will be 0. bq27xxx_battery_i2c_probe() already has an if (client->irq) check wrappi
- CVE-2024-27411May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: keep DMA buffers required for suspend/resume Nouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly. This is likely not as big an issue on s
- CVE-2024-27410May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an
- CVE-2024-27408May 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell re
Page 174 of 189