suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

Vulnerabilities (3,769)

• CVE-2024-53106Dec 2, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init() calls ima_eventdigest_init_common() with HASH_ALGO__LAST which is then used to access the array hash_digest_size[] leading

• CVE-2024-53105Dec 2, 2024
  affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1

  In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page being freed using free_page() still having a mlocked flag at free_pages_prepare()

• CVE-2024-53104KEVDec 2, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

• CVE-2024-53103Dec 2, 2024
  affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1

  In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This i

• CVE-2023-52922Nov 28, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

• CVE-2024-53101MedNov 25, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali

• CVE-2024-53100Nov 25, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queue_lock lock and destroy Commit 76d54bf20cdc ("nvme-tcp: don't access released socket during error recovery") added a mutex_lock() call for the queue->queue_lock in nvme_tcp_get

• CVE-2024-53099Nov 25, 2024
  affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot su

• CVE-2024-53096Nov 25, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like control flow and numerous means by which issues can arise and incomplete state, memor

• CVE-2024-8805Nov 22, 2024
  affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1

  BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

• CVE-2024-53095Nov 21, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

• CVE-2024-53094Nov 21, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES While running ISER over SIW, the initiator machine encounters a warning from skb_splice_from_iter() indicating that a slab page is being used in sen

• CVE-2024-53093Nov 21, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes availa

• CVE-2024-53091Nov 21, 2024
  affected < 6.4.0-150600.8.26.1fixed 6.4.0-150600.8.26.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx As the introduction of the support for vsock and unix sockets in sockmap, tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK.

• CVE-2024-53090Nov 21, 2024
  affected < 6.4.0-150600.8.23.1fixed 6.4.0-150600.8.23.1

  In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in

• CVE-2024-53059HigNov 19, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. The response buffer is not freed. Resolve these issues by switching to iwl_mvm_s

• CVE-2024-53057HigNov 19, 2024
  affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

• CVE-2024-53042MedNov 19, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning [

• CVE-2024-53088Nov 19, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under hea

• CVE-2024-53085Nov 19, 2024
  affected < 6.4.0-150600.8.20.1fixed 6.4.0-150600.8.20.1

  In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is