19 matches found
CVE-2024-53061 affecting package kernel for versions less than 6.6.64.2-1
CVE-2024-53061 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-53180 affecting package kernel for versions less than 6.6.64.2-1
CVE-2024-53180 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-53145 affecting package kernel for versions less than 6.6.64.2-1
CVE-2024-53145 affecting package kernel for versions less than 6.6.64.2-1. An upgraded version of the package is available that resolves this issue...
AZL-55005 CVE-2024-56745 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix resetmethodstore memory leak In resetmethodstore, a string is allocated via kstrndup and assigned to the local "options". options is then used in with strsep to find spaces: while name = strsep&options, " " != NULL If...
AZL-55742 CVE-2024-56551 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free +0.000021 BUG: KASAN: slab-use-after-free in drmschedentityflush+0x6cb/0x7a0 gpusched +0.000027 Read of size 8 at addr ffff8881b8605f88 by task amdpciunplug/2147 +0.000023 CPU: 6 PID: 2147...
AZL-55521 CVE-2024-53165 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in registerintccontroller In the error handling for this function, d is freed without ever removing it from intclist which would lead to a use after free. To fix this, let's only add it to the lis...
AZL-54271 CVE-2024-53129 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fix a dereferenced before check warning The 'state' can't be NULL, we should check crtcstate. Fix warning: drivers/gpu/drm/rockchip/rockchipdrmvop.c:1096 vopplaneatomicasynccheck warn: variable dereferenced...
AZL-54632 CVE-2024-53093 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scanwork context. If a path error occurs here, the IO will wait until a path becomes available or all paths are...
AZL-53459 CVE-2024-50300 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: regulator: rtq2208: Fix uninitialized use of regulatorconfig Fix rtq2208 driver uninitialized use to cause kernel error...
AZL-53519 CVE-2024-50265 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2xaremove Syzkaller is able to provoke null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...
AZL-53298 CVE-2024-50255 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...
AZL-53136 CVE-2024-50247 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check if more than chunk-size bytes are written A incorrectly formatted chunk may decompress into more than LZNTCHUNKSIZE bytes and a index out of bounds will occur in smaxoff...
AZL-53121 CVE-2024-50234 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts are enabled. We end u...
AZL-52980 CVE-2024-50159 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning: | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...
AZL-53474 CVE-2024-50142 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a "xfrm: Validate address prefix lengths in the xfrm selector." syzbot created an SA with...
AZL-53543 CVE-2024-50151 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compound request buffers down for encryption into a single i...
AZL-53573 CVE-2024-50139 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sysregs.c:1988:14 shift exponent 33 is too large f...
AZL-51936 CVE-2024-50085 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix UaF read in mptcppmnlrmaddrorsubflow Syzkaller reported this splat: ================================================================== BUG: KASAN: slab-use-after-free in mptcppmnlrmaddrorsubflow+0xb44/0xcc0...
AZL-51933 CVE-2024-50069 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devmkasprintf returned value devmkasprintf can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review...