rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-56787	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: soc: imx8m: Probe the SoC driver as platform driver With driver_async_probe=* on kernel command line, the following trace is produced because on i.MX8M Plus hardware because the soc-imx8m.c driver calls of_clk_
CVE-2024-56780	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently
CVE-2024-56779	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequen
CVE-2024-56778	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fa
CVE-2024-56777	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fail
CVE-2024-56776	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure.
CVE-2024-56775	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup an
CVE-2024-56774	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the
CVE-2024-56770	—	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of
CVE-2024-56769	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b
CVE-2024-56767	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the
CVE-2024-56766	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double f
CVE-2024-56765	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the past
CVE-2024-56763	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.
CVE-2024-56760	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pc
CVE-2024-56759	—	< 6.4.0-150600.8.26.1	6.4.0-150600.8.26.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
CVE-2024-56758	—	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we unlock the folio. The result of that is that a different thread can modify the mappi
CVE-2024-56756	—	< 6.4.0-150600.8.23.1	6.4.0-150600.8.23.1	Dec 29, 2024	In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the l
CVE-2024-56755	—	< 6.4.0-150600.8.23.1	6.4.0-150600.8.23.1	Dec 29, 2024	In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situa
CVE-2024-56754	—	< 6.4.0-150600.8.23.1	6.4.0-150600.8.23.1	Dec 29, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct

CVE-2024-56787Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: soc: imx8m: Probe the SoC driver as platform driver With driver_async_probe=* on kernel command line, the following trace is produced because on i.MX8M Plus hardware because the soc-imx8m.c driver calls of_clk_
CVE-2024-56780Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently
CVE-2024-56779Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequen
CVE-2024-56778Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fa
CVE-2024-56777Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fail
CVE-2024-56776Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure.
CVE-2024-56775Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup an
CVE-2024-56774Jan 8, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the
CVE-2024-56770Jan 8, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of
CVE-2024-56769Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b
CVE-2024-56767Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the
CVE-2024-56766Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double f
CVE-2024-56765Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the past
CVE-2024-56763Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.
CVE-2024-56760Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pc
CVE-2024-56759Jan 6, 2025
affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
CVE-2024-56758Jan 6, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we unlock the folio. The result of that is that a different thread can modify the mappi
CVE-2024-56756Dec 29, 2024
affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the l
CVE-2024-56755Dec 29, 2024
affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1
In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situa
CVE-2024-56754Dec 29, 2024
affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct

Page 81 of 189