rpm package
suse/kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (3,752)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26856 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sparx5: Fix use after free inside sparx5_del_mact_entry Based on the static analyzis of the code it looks like when an entry from the MAC table was removed, the entry was still used after being freed. More | ||
| CVE-2024-26854 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: fix uninitialized dplls mutex usage The pf->dplls.lock mutex is initialized too late, after its first use. Move it to the top of ice_dpll_init. Note that the "err_exit" error path destroys the mutex. And t | ||
| CVE-2024-26853 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), it is necessary to free it by calling xdp_return_frame_rx_napi. However, this is | ||
| CVE-2024-26846 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvme_delete_ctrl a | ||
| CVE-2024-26845 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmr_list handling An abort that is responded to by iSCSI itself is added to tmr_list but does not go to target core. A LUN_RESET that goes through tmr_list takes a refcounter on t | ||
| CVE-2024-26844 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request wit | ||
| CVE-2024-26837 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from th | ||
| CVE-2024-26836 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested | ||
| CVE-2024-26835 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a ta | ||
| CVE-2024-26832 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not inva | ||
| CVE-2024-26831 | — | < 6.4.0-150600.23.60.4 | 6.4.0-150600.23.60.4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req | ||
| CVE-2024-26826 | — | < 6.4.0-150600.23.17.1 | 6.4.0-150600.23.17.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it | ||
| CVE-2024-26822 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll | ||
| CVE-2024-26816 | Med | 5.5 | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us | |
| CVE-2024-26815 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; // Signed value tc = nla_get_u32(tb[TCA_TAPRIO_TC_ENT | ||
| CVE-2024-27437 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in request_irq() and subsequently dis | |
| CVE-2024-26812 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL c | |
| CVE-2024-26810 | Med | 4.4 | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core in | |
| CVE-2024-26814 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The | ||
| CVE-2024-26813 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo |
- CVE-2024-26856Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: net: sparx5: Fix use after free inside sparx5_del_mact_entry Based on the static analyzis of the code it looks like when an entry from the MAC table was removed, the entry was still used after being freed. More
- CVE-2024-26854Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: ice: fix uninitialized dplls mutex usage The pf->dplls.lock mutex is initialized too late, after its first use. Move it to the top of ice_dpll_init. Note that the "err_exit" error path destroys the mutex. And t
- CVE-2024-26853Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), it is necessary to free it by calling xdp_return_frame_rx_napi. However, this is
- CVE-2024-26846Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvme_delete_ctrl a
- CVE-2024-26845Apr 17, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmr_list handling An abort that is responded to by iSCSI itself is added to tmr_list but does not go to target core. A LUN_RESET that goes through tmr_list takes a refcounter on t
- CVE-2024-26844Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request wit
- CVE-2024-26837Apr 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from th
- CVE-2024-26836Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested
- CVE-2024-26835Apr 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a ta
- CVE-2024-26832Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not inva
- CVE-2024-26831Apr 17, 2024affected < 6.4.0-150600.23.60.4fixed 6.4.0-150600.23.60.4
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req
- CVE-2024-26826Apr 17, 2024affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it
- CVE-2024-26822Apr 17, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll
- affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us
- CVE-2024-26815Apr 10, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; // Signed value tc = nla_get_u32(tb[TCA_TAPRIO_TC_ENT
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in request_irq() and subsequently dis
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL c
- affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core in
- CVE-2024-26814Apr 5, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The
- CVE-2024-26813Apr 5, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo
Page 182 of 188