rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6
Vulnerabilities (3,769)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52489 | — | < 6.4.0-150600.8.11.1 | 6.4.0-150600.8.11.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA | ||
| CVE-2023-52483 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mctp: perform route lookups under a RCU read-side lock Our current route lookups (mctp_route_lookup and mctp_route_lookup_null) traverse the net's route list without the RCU read lock held. This means the route | ||
| CVE-2023-52472 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in | ||
| CVE-2024-26601 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod | ||
| CVE-2024-26596 | Med | 5.5 | < 6.4.0-150600.8.20.1 | 6.4.0-150600.8.20.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy | |
| CVE-2023-52458 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th | |
| CVE-2023-52463 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as | ||
| CVE-2024-26590 | — | < 6.4.0-150600.8.11.1 | 6.4.0-150600.8.11.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initiali | ||
| CVE-2024-26584 | — | < 6.4.0-150600.8.52.1 | 6.4.0-150600.8.52.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | ||
| CVE-2023-52435 | — | < 6.4.0-150600.8.8.1 | 6.4.0-150600.8.8.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computation in skb_segment() can | ||
| CVE-2023-52434 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create cont | ||
| CVE-2024-25739 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 12, 2024 | create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |
| CVE-2024-25741 | — | < 6.4.0-150600.8.8.1 | 6.4.0-150600.8.8.1 | Feb 12, 2024 | printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact. | ||
| CVE-2024-24861 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Feb 5, 2024 | A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. | ||
| CVE-2024-22099 | Med | 6.3 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Jan 25, 2024 | NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2. | |
| CVE-2024-23848 | Med | 5.5 | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Jan 23, 2024 | In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. | |
| CVE-2023-39197 | — | < 6.4.0-150600.8.52.1 | 6.4.0-150600.8.52.1 | Jan 23, 2024 | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | ||
| CVE-2023-6531 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Jan 21, 2024 | A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. | ||
| CVE-2024-0639 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Jan 17, 2024 | A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. | ||
| CVE-2023-6270 | — | < 6.4.0-150600.8.5.1 | 6.4.0-150600.8.5.1 | Jan 4, 2024 | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob |
- CVE-2023-52489Feb 29, 2024affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA
- CVE-2023-52483Feb 29, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: mctp: perform route lookups under a RCU read-side lock Our current route lookups (mctp_route_lookup and mctp_route_lookup_null) traverse the net's route list without the RCU read lock held. This means the route
- CVE-2023-52472Feb 25, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in
- CVE-2024-26601Feb 24, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod
- affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th
- CVE-2023-52463Feb 23, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as
- CVE-2024-26590Feb 22, 2024affected < 6.4.0-150600.8.11.1fixed 6.4.0-150600.8.11.1
In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initiali
- CVE-2024-26584Feb 21, 2024affected < 6.4.0-150600.8.52.1fixed 6.4.0-150600.8.52.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- CVE-2023-52435Feb 20, 2024affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computation in skb_segment() can
- CVE-2023-52434Feb 20, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create cont
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
- CVE-2024-25741Feb 12, 2024affected < 6.4.0-150600.8.8.1fixed 6.4.0-150600.8.8.1
printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.
- CVE-2024-24861Feb 5, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.
- affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
- CVE-2023-39197Jan 23, 2024affected < 6.4.0-150600.8.52.1fixed 6.4.0-150600.8.52.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
- CVE-2023-6531Jan 21, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
- CVE-2024-0639Jan 17, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.
- CVE-2023-6270Jan 4, 2024affected < 6.4.0-150600.8.5.1fixed 6.4.0-150600.8.5.1
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob
Page 188 of 189