CVE-2024-57894

CVE-2024-57894 is rejected/not used per the Initial Description.

CVE-2024-48881

In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing ISERRORNULL with ISERR again Commit 028ddcac477b "bcache: Remove unnecessary NULL point check in node allocations" leads a NULL pointer deference in cachesetflush. 1721 if !ISERRORNULLc-root 1722...

CVE-2024-57800 ALSA: memalloc: prefer dma_mapping_error() over explicit address checking

In the Linux kernel, the following vulnerability has been resolved: ALSA: memalloc: prefer dmamappingerror over explicit address checking With CONFIGDMAAPIDEBUG enabled, the following warning is observed: DMA-API: sndhdaintel 0000:03:00.1: device driver failed to check map errordevice...

CVE-2024-54460 Bluetooth: iso: Fix circular lock in iso_listen_bis

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in isolistenbis This fixes the circular locking dependency warning below, by releasing the socket lock before enterning isolistenbis, to avoid any potential deadlock with hdev lock. 75.307983...

CVE-2024-54191 Bluetooth: iso: Fix circular lock in iso_conn_big_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in isoconnbigsync This fixes the circular locking dependency warning below, by reworking isosockrecvmsg, to ensure that the socket lock is always released before calling a function that locks hde...

CVE-2024-41935 f2fs: fix to shrink read extent node in batches

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to shrink read extent node in batches We use rwlock to protect core structure data of extent tree during its shrink, however, if there is a huge number of extent nodes in extent tree, during shrink of extent tree, it ma...

OESA-2025-1035 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmardevscopeinit foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase...

CVE-2024-56779 nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f will attempt to kill all rpctask even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...

CVE-2024-56772 kunit: string-stream: Fix a UAF bug in kunit_init_suite()

In the Linux kernel, the following vulnerability has been resolved: kunit: string-stream: Fix a UAF bug in kunitinitsuite In kunitdebugfscreatesuite, if allocstringstream fails in the kunitsuiteforeachtestcase loop, the "suite-log = stream" has assigned before, and the error path only free the...

CVE-2024-56581

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

CVE-2024-56762

CVE-2024-56762 is rejected/not used; this entry does not represent an active vulnerability.

SUSE CVE-2024-56661

In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was NULL when attempting the atomicdec : atomicdec&tipcnetsocknetub-ubsock-sk-wqcount; Fix this by caching the tipcnet pointer. 1 Oops:...

PT-2026-8105

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc1-00001-g09db0998649d Description The Linux kernel contains an issue in the mmc subsystem, specifically within the sdhci-of-dwcmshc driver. When operating in HS200 or HS400 timing modes, reducing the clo...

PT-2026-2865

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the KVM hypervisor and its handling of the periodic HV timer. Specifically, when resuming a virtual machine after a prolonged period of...

PT-2026-5508

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the J1939 protocol. Specifically, the j1939 session activate function may succeed even after the network device has been unregistered via j19...

CVE-2024-56692

CVE-2024-56692 involves a Linux kernel bug in the f2fs filesystem where an on-disk nat entry blkaddr may be corrupted, triggering a kernel panic in f2fs_invalidate_blocks during truncate_node. The root cause is a lacking sanity check on nat blkaddr, which can be exploited indirectly by fuzzed ima...

SUSE CVE-2024-53202

In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...

DEBIAN-CVE-2024-56651

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110canist: fix potential use-after-free The commit a22bd630cfff "can: hi311x: do not report txerr and rxerr during bus-off" removed the reporting of rxerr and txerr even in case of correct operation i. e. not...

CVE-2024-56598 jfs: array-index-out-of-bounds fix in dtReadFirst

In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case...

CVE-2024-56590 Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix not checking skb length on hciacldatapacket This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past the valid skb-data...