SUSE-SU-2024:4216-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...

CVE-2024-12227 MSI Dragon Center IOCTL NTIOLib_X64.sys MmUnMapIoSpace null pointer dereference

A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLibX64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on t...

CVE-2024-12227 MSI Dragon Center IOCTL NTIOLib_X64.sys MmUnMapIoSpace null pointer dereference

A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLibX64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on t...

PT-2024-17493 · Msi · Ntiolib X64.Sys +1

Name of the Vulnerable Software and Affected Versions: MSI Dragon Center versions up to 2.0.146.0 Description: A problematic issue was found in the IOCTL Handler component of MSI Dragon Center, affecting the MmUnMapIoSpace function in the NTIOLib X64.sys library. This leads to a null pointer...

PT-2024-10664 · Mediatek · Mtk Wmt Device Driver

Name of the Vulnerable Software and Affected Versions: MTK WMT device driver affected versions not specified Description: The issue is related to a missing bounds check in the WMT unlocked ioctl function of the MTK WMT device driver, which could lead to a possible out-of-bounds OOB write. This...

AZL-54143 CVE-2024-53112 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? diebody+0x5f/0xb0 ? die+0x9e/0xc0 ? dotrap+0x15a/0x3a0 ?...

CVE-2024-53116 drm/panthor: Fix handling of partial GPU mapping of BOs

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where t...

CVE-2024-53112 ocfs2: uncache inode which has failed entering the group

In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? diebody+0x5f/0xb0 ? die+0x9e/0xc0 ? dotrap+0x15a/0x3a0 ?...

CVE-2024-53112 ocfs2: uncache inode which has failed entering the group

In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? diebody+0x5f/0xb0 ? die+0x9e/0xc0 ? dotrap+0x15a/0x3a0 ?...

CVE-2024-53112

CVE-2024-53112 affects the Linux kernel via the OCFS2 group add path. The issue occurs when ioctl(OCFS2_IOC_GROUP_ADD, …) fails for an inode; the corresponding buffer head remains cached and a subsequent ioctl triggers a BUG in ocfs2_set_new_buffer_uptodate() while caching the same buffer head. T...

CVE-2024-43050

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver...

CVE-2024-43049

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver...

CVE-2024-43053

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information...

CVE-2024-43053

CVE-2024-43053 describes a local-memory corruption vulnerability in Qualcomm WLAN components, triggered by IOCTL calls from user space to read WLAN target diagnostic information. The underlying root cause is improper restriction of operations within the bounds of a memory buffer. Affected softwar...

CVE-2024-43053 Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information...

CVE-2024-43053 Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information...

CVE-2024-43050 Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver...

CVE-2024-43050

CVE-2024-43050 describes memory corruption arising when userspace issues IOCTL commands to the WLAN driver to issue a factory test command. Multiple sources cite this as a stack-based/memory corruption issue inside the WLAN driver, with a local attack vector and high impact on confidentiality, in...

CVE-2024-43050 Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver...

CVE-2024-43049 Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver...