SUSE CVE-2024-41036

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851startxmitspi and ks8851irq: watchdog: BUG: soft...

SUSE CVE-2024-41043

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: drop bogus WARNON Happens when rules get flushed/deleted while packet is out, so remove this WARNON. This WARN exists in one form or another since v4.14, no need to backport this to older releases, henc...

SUSE CVE-2024-41082

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

SUSE CVE-2024-41088

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after killing the running...

SUSE CVE-2024-42114

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211ATTRTXQQUANTUM values syzbot is able to trigger softlockups, setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq, fixed with commit d9e15a273306 "pktsched: fq: do not accept sill...

SUSE CVE-2024-42152

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...

The vulnerability of the OLE DB driver for SQL Server, related to buffer overflows in the “queue”, allows attackers to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server is related to buffer overflow in the “heap”. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...

CVE-2024-42113

A vulnerability was found in the Linux kernel's txgbe driver involving uninitialized numqvectors when using MSI/INTx interrupts. This can lead to kernel panics during the allocation of queue vectors due to the use of undefined values. This issue was resolved by ensuring numqvectors is properly...

DEBIAN-CVE-2024-42148

In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FPSBMAXE1x...

DEBIAN-CVE-2024-42113

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: initialize numqvectors for MSI/INTx interrupts When using MSI/INTx interrupts, wx-numqvectors is uninitialized. Thus there will be kernel panic in wxallocqvectors to allocate queue vectors...

AZL-48261 CVE-2024-42114 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211ATTRTXQQUANTUM values syzbot is able to trigger softlockups, setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq, fixed with commit d9e15a273306 "pktsched: fq: do not accept sill...

UBUNTU-CVE-2024-42113

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: initialize numqvectors for MSI/INTx interrupts When using MSI/INTx interrupts, wx-numqvectors is uninitialized. Thus there will be kernel panic in wxallocqvectors to allocate queue vectors...

UBUNTU-CVE-2024-42148

In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FPSBMAXE1x...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl CVE-2021-47634 In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges""...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the nvmet module when destroying controllers, if during qp creation, there may be a small window that...

PT-2024-30723

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50 Description The issue is related to the net/mlx5 component in the Linux kernel. During device shutdown, there is no point in recovery, and if health work has started, it needs to wait to avoid races and NU...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an uninitialized wxnumqvectors in the net:txgbe module when using MSI/INTx interrupts, resulting in a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the wifi:cfg80211 module that allows NL80211ATTRTXQQUANTUM to be set to 2^31, which could result in a sof...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a UBSAN array index out-of-bounds in the bnx2x module when using systems with more than 32 physical CPU cor...

AZL-62550 CVE-2024-41082 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...