rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-27030		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two C
CVE-2024-27029		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140.
CVE-2024-27028		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a che
CVE-2024-27027		—	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_xa_ref_*_del() for multiple registrations Currently, if there are multiple registrations of the same pin on the same dpll device, following warnings are observed: WARNING: CPU: 5 PID: 2212 at dri
CVE-2024-27026		—	< 6.4.0-150600.8.17.1	6.4.0-150600.8.17.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom WARNING:
CVE-2024-27022	Hig	7.8	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfs_fallocate dup_mmap hugetlbfs_punch_hole
CVE-2024-27020	Hig	7.0	< 6.4.0-150600.8.8.1	6.4.0-150600.8.8.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li
CVE-2024-27013	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe
CVE-2024-27004	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40e
CVE-2024-26993	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn
CVE-2024-26988	Hig	7.8	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow We allocate memory of size 'xlen + strlen(boot_command_line) + 1' for static_command_line, but the strings copied into static_command_line are extr
CVE-2024-26982	Hig	7.1	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in
CVE-2024-26973	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must
CVE-2024-26961	Hig	7.8	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del mac802154_llsec_key_del() can free resources of a key directly without following the RCU rules for waiting before the end of a grace period.
CVE-2024-26960	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could run and teardown a swap_info_struct while a call to free_swap_and_cache() was runni
CVE-2024-26958	Hig	7.8	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at
CVE-2024-26951	Hig	7.8	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list wit
CVE-2024-26950	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get
CVE-2024-26937	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request t
CVE-2024-26935	Med	5.5	< 6.4.0-150600.8.5.1	6.4.0-150600.8.5.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a

CVE-2024-27030May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two C
CVE-2024-27029May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140.
CVE-2024-27028May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a che
CVE-2024-27027May 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_xa_ref_*_del() for multiple registrations Currently, if there are multiple registrations of the same pin on the same dpll device, following warnings are observed: WARNING: CPU: 5 PID: 2212 at dri
CVE-2024-27026May 1, 2024
affected < 6.4.0-150600.8.17.1fixed 6.4.0-150600.8.17.1
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom WARNING:
CVE-2024-27022HigMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfs_fallocate dup_mmap hugetlbfs_punch_hole
CVE-2024-27020HigMay 1, 2024
affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li
CVE-2024-27013MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe
CVE-2024-27004MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40e
CVE-2024-26993MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn
CVE-2024-26988HigMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow We allocate memory of size 'xlen + strlen(boot_command_line) + 1' for static_command_line, but the strings copied into static_command_line are extr
CVE-2024-26982HigMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in
CVE-2024-26973MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must
CVE-2024-26961HigMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del mac802154_llsec_key_del() can free resources of a key directly without following the RCU rules for waiting before the end of a grace period.
CVE-2024-26960MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could run and teardown a swap_info_struct while a call to free_swap_and_cache() was runni
CVE-2024-26958HigMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at
CVE-2024-26951HigMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list wit
CVE-2024-26950MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get
CVE-2024-26937MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request t
CVE-2024-26935MedMay 1, 2024
affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a

Page 177 of 189