rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-27065	Hig	7.8	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.
CVE-2024-27025	Med	5.5	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.
CVE-2024-27024	Hig	7.8	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr().
CVE-2024-27389		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0
CVE-2024-27388		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.
CVE-2024-27080		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario
CVE-2024-27079		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle
CVE-2024-27067		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DEBUG_SHIRQ. This might cau
CVE-2024-27064		—	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch fixes it by moving nft_s
CVE-2023-52653		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error
CVE-2023-52652		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntb_register_device() If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), ca
CVE-2024-27062		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306
CVE-2024-27057		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during suspend the D
CVE-2024-27056		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may
CVE-2024-27050		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTS_SET() macro in bpf_xdp_query() When the feature_flags and xdp_zc_max_segs fields were added to the libbpf bpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro. This causes
CVE-2024-27049		—	< 6.4.0-150600.8.11.1	6.4.0-150600.8.11.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event af
CVE-2024-27046		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po
CVE-2024-27043		—	< 6.4.0-150600.8.17.1	6.4.0-150600.8.17.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, pdvbdev is not set to NULL after dvbdev's deallocatio
CVE-2024-27036		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: cifs: Fix writeback data corruption cifs writeback doesn't correctly handle the case where cifs_extend_writeback() hits a point where it is considering an additional folio, but this would overrun the wsize - at
CVE-2024-27031		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt The loop inside nfs_netfs_issue_read() currently does not disable interrupts while iterating through pages in the xarray to submit for NFS

CVE-2024-27065HigMay 1, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.
CVE-2024-27025MedMay 1, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.
CVE-2024-27024HigMay 1, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr().
CVE-2024-27389May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0
CVE-2024-27388May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.
CVE-2024-27080May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario
CVE-2024-27079May 1, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle
CVE-2024-27067May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DEBUG_SHIRQ. This might cau
CVE-2024-27064May 1, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch fixes it by moving nft_s
CVE-2023-52653May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error
CVE-2023-52652May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntb_register_device() If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), ca
CVE-2024-27062May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306
CVE-2024-27057May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during suspend the D
CVE-2024-27056May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may
CVE-2024-27050May 1, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTS_SET() macro in bpf_xdp_query() When the feature_flags and xdp_zc_max_segs fields were added to the libbpf bpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro. This causes
CVE-2024-27049May 1, 2024
affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event af
CVE-2024-27046May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po
CVE-2024-27043May 1, 2024
affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1
In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio
CVE-2024-27036May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix writeback data corruption cifs writeback doesn't correctly handle the case where cifs_extend_writeback() hits a point where it is considering an additional folio, but this would overrun the wsize - at
CVE-2024-27031May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt The loop inside nfs_netfs_issue_read() currently does not disable interrupts while iterating through pages in the xarray to submit for NFS

Page 176 of 189