Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes bsc1226606. CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr...

CVE-2024-46871

A flaw was found in the AMD Radeon graphics card driver in the Linux kernel. Out-of-bounds access can be triggered due to arrays being created based on the wrong number of maximum DMUB notification types available, resulting in a denial of service. Mitigation Mitigation for this issue is either n...

DEBIAN-CVE-2024-46871

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPUDMUBNOTIFICATIONMAX Why & How It actually exposes '6' types in enum dmubnotificationtype. Not 5. Using smaller number to create array dmubcallback & dmubthreadoffload has...

UBUNTU-CVE-2024-46871

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPUDMUBNOTIFICATIONMAX Why & How It actually exposes '6' types in enum dmubnotificationtype. Not 5. Using smaller number to create array dmubcallback & dmubthreadoffload has...

SUSE CVE-2024-46833

In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnlnum When query reg inf of SSU, it loops tnlnum times. However, tnlnum comes from hardware and the length of array is a fixed value. To void array out of bound, make sure the loop ti...

DEBIAN-CVE-2024-46833

In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnlnum When query reg inf of SSU, it loops tnlnum times. However, tnlnum comes from hardware and the length of array is a fixed value. To void array out of bound, make sure the loop ti...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from failing to ensure that an endpoint index is within an array range when validating it...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from allowing array out-of-bounds...

kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

CVE-2024-42301

...

CVE-2024-43858

...

AZL-48006 CVE-2024-43858 affecting package kernel for versions less than 6.6.47.1-1

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree...

AZL-47953 CVE-2024-43858 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree...

DEBIAN-CVE-2024-43842

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89stainfogetiter In rtw89stainfogetiter 'status-hegi' is compared to array size. But then 'rate-hegi' is used as array index instead of 'status-hegi'. This can lead to go beyond array...

UBUNTU-CVE-2024-43858

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree...

DEBIAN-CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

UBUNTU-CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

SUSE CVE-2024-41028

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibaacpi: Fix array out-of-bounds access In order to use toshibadmiquirks together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array...

DEBIAN-CVE-2024-42148

In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FPSBMAXE1x...

DEBIAN-CVE-2024-41061

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport Why Potential out of bounds access in dml2calculaterqanddlgparams because the value of outloweststateidx used as an index for FCLKChangeSupport array can be...