VYPR

rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

  • CVE-2024-53690Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent use of deleted inode syzbot reported a WARNING in nilfs_rmdir. [1] Because the inode bitmap is corrupted, an inode with an inode number that should exist as a ".nilfs" file was reassigned by ni

  • CVE-2024-53685Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATH_MAX If the full path to be built by ceph_mdsc_build_path() happens to be longer than PATH_MAX, then this function will enter an endless (retry) loop, effectively blocking

  • CVE-2024-49571Jan 11, 2025
    affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg When receiving proposal msg in server, the field iparea_offset and the field ipv6_prefixes_cnt in proposal msg are from the remote

  • CVE-2024-49568Jan 11, 2025
    affected < 6.4.0-150600.8.43.1fixed 6.4.0-150600.8.43.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields v2_ext_offset/ eid_cnt/ism_gid_cnt in proposal msg are from the remote client and c

  • CVE-2024-47408Jan 11, 2025
    affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcd_v2_ext_offset when receiving proposal msg When receiving proposal msg in server, the field smcd_v2_ext_offset in proposal msg is from the remote client and can not be fully trusted. Once the

  • CVE-2024-46896Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched Since 2320c9e6a768 ("drm/sched: memset() 'job' in drm_sched_job_init()") accessing job->base.sched can produce unexpected results as the initialisation of (*job)->base.sch

  • CVE-2024-41149Jan 11, 2025
    affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

    In the Linux kernel, the following vulnerability has been resolved: block: avoid to reuse `hctx` not removed from cpuhp callback list If the 'hctx' isn't removed from cpuhp callback list, we can't reuse it, otherwise use-after-free may be triggered.

  • CVE-2024-55639Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: net: renesas: rswitch: avoid use-after-put for a device tree node The device tree node saved in the rswitch_device structure is used at several driver locations. So passing this node to of_node_put() after the

  • CVE-2024-54683Jan 11, 2025
    affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the same time as a read of its file in sysfs: | ======================================

  • CVE-2024-53680Jan 11, 2025
    affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instr

  • CVE-2024-52332Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when

  • CVE-2024-50051Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancel_work_sync before module remove If we remove the module which will call mpc52xx_spi_remove it will free 'ms' through spi_unregister_controller. while the work ms->work will be used. The

  • CVE-2024-49569Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce admin_q before destroy it Kernel will hang on destroy admin_q while we create ctrl failed, such as following calltrace: PID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: "nvme" #0

  • CVE-2024-48881Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again Commit 028ddcac477b ("bcache: Remove unnecessary NULL point check in node allocations") leads a NULL pointer deference in cache_set_flush(). 1721

  • CVE-2024-48873Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, so check it before using to avoid NULL pointer access. Addresses-Coverity-ID: 152

  • CVE-2024-47809Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called from request_lock() as lkb->lkb_resource is not assigned yet, only after validat

  • CVE-2024-47794Jan 11, 2025
    affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tailcall infinite loop caused by freplace There is a potential infinite loop issue that can occur when using a combination of tail calls and freplace. In an upcoming selftest, the attach target fo

  • CVE-2024-47143Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: dma-debug: fix a possible deadlock on radix_lock radix_lock() shouldn't be held while holding dma_hash_entry[idx].lock otherwise, there's a possible deadlock scenario when dma debug API is called holding rq_loc

  • CVE-2024-47141Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the same functionality, we are seeing NULL pointer issue while accessing desc->mux_owne

  • CVE-2024-45828Jan 11, 2025
    affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

    In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when the ring is being stopped. Depending on timing between ring stop request c

Page 80 of 189