VYPR

rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2024-49996HigOct 21, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseData

  • CVE-2024-49924HigOct 21, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this pxafb_

  • CVE-2024-49994Oct 21, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: ui

  • CVE-2024-49861Oct 21, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .rodata), it was still possible to write into it from a BPF program side through sp

  • CVE-2024-46865HigSep 27, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized.

  • CVE-2024-46782Sep 18, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_exit_net() frees the rhashtable, then call nf_unregister_net_hooks(). It should b

  • CVE-2024-46763Sep 18, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou

  • CVE-2024-46733Sep 18, 2024
    affected < 6.4.0-150700.20.15.1fixed 6.4.0-150700.20.15.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cow_file_range In the buffered write path, the dirty page owns the qgroup reserve until it creates an ordered_extent. Therefore, any errors that occur before the ordered_exte

  • CVE-2024-46713Sep 13, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment th

  • CVE-2024-44963Sep 4, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() when freeing tree block after error When freeing a tree block, at btrfs_free_tree_block(), if we fail to create a delayed reference we don't deal with the error and just do a BUG_ON(). Th

  • CVE-2024-43869Aug 21, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially

  • CVE-2024-43820Aug 17, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DM_RECOVERY_RUNNING is set: WARNING:

  • CVE-2024-42134Jul 30, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Check if is_avq is NULL [bug] In the virtio_pci_common.c function vp_del_vqs, vp_dev->is_avq is involved to determine whether it is admin virtqueue, but this function vp_dev->is_avq may be empty. F

  • CVE-2024-42103Jul 30, 2024
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfs_reclaim_bgs_work and adding to the unused list. Since the block

  • CVE-2023-52888Jul 30, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Only free buffer VA that is not NULL In the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly called only when the buffer to free exists, there are some instances that didn'

  • CVE-2024-41085Jul 29, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxl_nvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereferenc

  • CVE-2024-41005MedJul 12, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by in

  • CVE-2024-39298Jun 25, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:

  • CVE-2024-38606Jun 19, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig

  • CVE-2024-36028May 30, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lock

Page 105 of 106