csaf_suse - suse-su-2025:0950-1

Vulnerability from csaf_suse

Published

2025-03-19 13:34

Modified

2025-03-19 13:34

Summary

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

Notes

Title of the patch

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

Description of the patch

This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). - CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). - CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640).

Patchnames

SUSE-2025-947,SUSE-2025-950,SUSE-2025-951,SUSE-SLE-Module-Live-Patching-15-SP4-2025-950,SUSE-SLE-Module-Live-Patching-15-SP5-2025-951

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204).\n- CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196).\n- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452).\n- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679).\n- CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229640).\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2025-947,SUSE-2025-950,SUSE-2025-951,SUSE-SLE-Module-Live-Patching-15-SP4-2025-950,SUSE-SLE-Module-Live-Patching-15-SP5-2025-951",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0950-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2025:0950-1",
            url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250950-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2025:0950-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020556.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229640",
            url: "https://bugzilla.suse.com/1229640",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231196",
            url: "https://bugzilla.suse.com/1231196",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231204",
            url: "https://bugzilla.suse.com/1231204",
         },
         {
            category: "self",
            summary: "SUSE Bug 1233679",
            url: "https://bugzilla.suse.com/1233679",
         },
         {
            category: "self",
            summary: "SUSE Bug 1235452",
            url: "https://bugzilla.suse.com/1235452",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2022-48911 page",
            url: "https://www.suse.com/security/cve/CVE-2022-48911/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46815 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46815/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46818 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46818/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-50302 page",
            url: "https://www.suse.com/security/cve/CVE-2024-50302/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-56648 page",
            url: "https://www.suse.com/security/cve/CVE-2024-56648/",
         },
      ],
      title: "Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)",
      tracking: {
         current_release_date: "2025-03-19T13:34:04Z",
         generator: {
            date: "2025-03-19T13:34:04Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2025:0950-1",
         initial_release_date: "2025-03-19T13:34:04Z",
         revision_history: [
            {
               date: "2025-03-19T13:34:04Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.ppc64le",
                        product: {
                           name: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.ppc64le",
                           product_id: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                        product: {
                           name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                           product_id: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                        product: {
                           name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                           product_id: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.s390x",
                        product: {
                           name: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.s390x",
                           product_id: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                        product: {
                           name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                           product_id: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                        product: {
                           name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                           product_id: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.x86_64",
                        product: {
                           name: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.x86_64",
                           product_id: "kernel-livepatch-5_14_21-150500_55_73-default-6-150500.2.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                        product: {
                           name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                           product_id: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
                        product: {
                           name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
                           product_id: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Live Patching 15 SP4",
                        product: {
                           name: "SUSE Linux Enterprise Live Patching 15 SP4",
                           product_id: "SUSE Linux Enterprise Live Patching 15 SP4",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-live-patching:15:sp4",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Live Patching 15 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Live Patching 15 SP5",
                           product_id: "SUSE Linux Enterprise Live Patching 15 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-live-patching:15:sp5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
               product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
            },
            product_reference: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
               product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
            },
            product_reference: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
               product_id: "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
            },
            product_reference: "kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP4",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
               product_id: "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
            },
            product_reference: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
               product_id: "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
            },
            product_reference: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
               product_id: "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            },
            product_reference: "kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2022-48911",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2022-48911",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_queue: fix possible use-after-free\n\nEric Dumazet says:\n  The sock_hold() side seems suspect, because there is no guarantee\n  that sk_refcnt is not already 0.\n\nOn failure, we cannot queue the packet and need to indicate an\nerror.  The packet will be dropped by the caller.\n\nv2: split skb prefetch hunk into separate change",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2022-48911",
               url: "https://www.suse.com/security/cve/CVE-2022-48911",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229633 for CVE-2022-48911",
               url: "https://bugzilla.suse.com/1229633",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229640 for CVE-2022-48911",
               url: "https://bugzilla.suse.com/1229640",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-03-19T13:34:04Z",
               details: "moderate",
            },
         ],
         title: "CVE-2022-48911",
      },
      {
         cve: "CVE-2024-46815",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46815",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]\n\n[WHY & HOW]\nnum_valid_sets needs to be checked to avoid a negative index when\naccessing reader_wm_sets[num_valid_sets - 1].\n\nThis fixes an OVERRUN issue reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46815",
               url: "https://www.suse.com/security/cve/CVE-2024-46815",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231195 for CVE-2024-46815",
               url: "https://bugzilla.suse.com/1231195",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231196 for CVE-2024-46815",
               url: "https://bugzilla.suse.com/1231196",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-03-19T13:34:04Z",
               details: "important",
            },
         ],
         title: "CVE-2024-46815",
      },
      {
         cve: "CVE-2024-46818",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46818",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check gpio_id before used as array index\n\n[WHY & HOW]\nGPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore\nshould be checked in advance.\n\nThis fixes 5 OVERRUN issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46818",
               url: "https://www.suse.com/security/cve/CVE-2024-46818",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231203 for CVE-2024-46818",
               url: "https://bugzilla.suse.com/1231203",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231204 for CVE-2024-46818",
               url: "https://bugzilla.suse.com/1231204",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-03-19T13:34:04Z",
               details: "important",
            },
         ],
         title: "CVE-2024-46818",
      },
      {
         cve: "CVE-2024-50302",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-50302",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-50302",
               url: "https://www.suse.com/security/cve/CVE-2024-50302",
            },
            {
               category: "external",
               summary: "SUSE Bug 1233491 for CVE-2024-50302",
               url: "https://bugzilla.suse.com/1233491",
            },
            {
               category: "external",
               summary: "SUSE Bug 1233679 for CVE-2024-50302",
               url: "https://bugzilla.suse.com/1233679",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-03-19T13:34:04Z",
               details: "important",
            },
         ],
         title: "CVE-2024-50302",
      },
      {
         cve: "CVE-2024-56648",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-56648",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hsr: avoid potential out-of-bound access in fill_frame_info()\n\nsyzbot is able to feed a packet with 14 bytes, pretending\nit is a vlan one.\n\nSince fill_frame_info() is relying on skb->mac_len already,\nextend the check to cover this case.\n\nBUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:709 [inline]\n BUG: KMSAN: uninit-value in hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724\n  fill_frame_info net/hsr/hsr_forward.c:709 [inline]\n  hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724\n  hsr_dev_xmit+0x2f0/0x350 net/hsr/hsr_device.c:235\n  __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n  netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n  xmit_one net/core/dev.c:3590 [inline]\n  dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606\n  __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434\n  dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n  packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n  packet_snd net/packet/af_packet.c:3146 [inline]\n  packet_sendmsg+0x91ae/0xa6f0 net/packet/af_packet.c:3178\n  sock_sendmsg_nosec net/socket.c:711 [inline]\n  __sock_sendmsg+0x30f/0x380 net/socket.c:726\n  __sys_sendto+0x594/0x750 net/socket.c:2197\n  __do_sys_sendto net/socket.c:2204 [inline]\n  __se_sys_sendto net/socket.c:2200 [inline]\n  __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200\n  x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n  slab_post_alloc_hook mm/slub.c:4091 [inline]\n  slab_alloc_node mm/slub.c:4134 [inline]\n  kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\n  kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n  __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n  alloc_skb include/linux/skbuff.h:1323 [inline]\n  alloc_skb_with_frags+0xc8/0xd00 net/core/skbuff.c:6612\n  sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2881\n  packet_alloc_skb net/packet/af_packet.c:2995 [inline]\n  packet_snd net/packet/af_packet.c:3089 [inline]\n  packet_sendmsg+0x74c6/0xa6f0 net/packet/af_packet.c:3178\n  sock_sendmsg_nosec net/socket.c:711 [inline]\n  __sock_sendmsg+0x30f/0x380 net/socket.c:726\n  __sys_sendto+0x594/0x750 net/socket.c:2197\n  __do_sys_sendto net/socket.c:2204 [inline]\n  __se_sys_sendto net/socket.c:2200 [inline]\n  __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200\n  x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
               "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-56648",
               url: "https://www.suse.com/security/cve/CVE-2024-56648",
            },
            {
               category: "external",
               summary: "SUSE Bug 1235451 for CVE-2024-56648",
               url: "https://bugzilla.suse.com/1235451",
            },
            {
               category: "external",
               summary: "SUSE Bug 1235452 for CVE-2024-56648",
               url: "https://bugzilla.suse.com/1235452",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_111-default-14-150400.2.1.x86_64",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.ppc64le",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.s390x",
                  "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-16-150500.2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2025-03-19T13:34:04Z",
               details: "important",
            },
         ],
         title: "CVE-2024-56648",
      },
   ],
}

CVE-2024-56648 (GCVE-0-2024-56648)

Vulnerability from cvelistv5

Published

2024-12-27 15:02

Modified

2025-01-20 06:25

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend the check to cover this case. BUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:709 [inline] BUG: KMSAN: uninit-value in hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724 fill_frame_info net/hsr/hsr_forward.c:709 [inline] hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724 hsr_dev_xmit+0x2f0/0x350 net/hsr/hsr_device.c:235 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276 packet_snd net/packet/af_packet.c:3146 [inline] packet_sendmsg+0x91ae/0xa6f0 net/packet/af_packet.c:3178 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:726 __sys_sendto+0x594/0x750 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4091 [inline] slab_alloc_node mm/slub.c:4134 [inline] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1323 [inline] alloc_skb_with_frags+0xc8/0xd00 net/core/skbuff.c:6612 sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2881 packet_alloc_skb net/packet/af_packet.c:2995 [inline] packet_snd net/packet/af_packet.c:3089 [inline] packet_sendmsg+0x74c6/0xa6f0 net/packet/af_packet.c:3178 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:726 __sys_sendto+0x594/0x750 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f

References

▼	URL	Tags
	https://git.kernel.org/stable/c/aa632691c722a123e47ccd05a3afdd5f87a36061
	https://git.kernel.org/stable/c/c6e778901d0055356c4fb223058364cae731494a
	https://git.kernel.org/stable/c/6bb5c8ebc99f0671dbd3c9408ebaf935c3951186
	https://git.kernel.org/stable/c/3c215663b3e27a3b08cefcaea623ff54c70c8035
	https://git.kernel.org/stable/c/7ea527fbd7b94d0bee64a0a7e98279bcc654b322
	https://git.kernel.org/stable/c/b9653d19e556c6afd035602927a93d100a0d7644

Impacted products

Vendor

Product

Version

▼

Linux

Version: f6442ee08fe66c8e45c4f246531a2aaf4f17a7a7
Version: 48b491a5cc74333c4a6a82fe21cea42c055a3b0b
Version: 48b491a5cc74333c4a6a82fe21cea42c055a3b0b
Version: 48b491a5cc74333c4a6a82fe21cea42c055a3b0b
Version: 48b491a5cc74333c4a6a82fe21cea42c055a3b0b
Version: 48b491a5cc74333c4a6a82fe21cea42c055a3b0b

Linux

Version: 5.13

Show details on NVD website

JSON

To clipboard

{
   containers: {
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "net/hsr/hsr_forward.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "aa632691c722a123e47ccd05a3afdd5f87a36061",
                     status: "affected",
                     version: "f6442ee08fe66c8e45c4f246531a2aaf4f17a7a7",
                     versionType: "git",
                  },
                  {
                     lessThan: "c6e778901d0055356c4fb223058364cae731494a",
                     status: "affected",
                     version: "48b491a5cc74333c4a6a82fe21cea42c055a3b0b",
                     versionType: "git",
                  },
                  {
                     lessThan: "6bb5c8ebc99f0671dbd3c9408ebaf935c3951186",
                     status: "affected",
                     version: "48b491a5cc74333c4a6a82fe21cea42c055a3b0b",
                     versionType: "git",
                  },
                  {
                     lessThan: "3c215663b3e27a3b08cefcaea623ff54c70c8035",
                     status: "affected",
                     version: "48b491a5cc74333c4a6a82fe21cea42c055a3b0b",
                     versionType: "git",
                  },
                  {
                     lessThan: "7ea527fbd7b94d0bee64a0a7e98279bcc654b322",
                     status: "affected",
                     version: "48b491a5cc74333c4a6a82fe21cea42c055a3b0b",
                     versionType: "git",
                  },
                  {
                     lessThan: "b9653d19e556c6afd035602927a93d100a0d7644",
                     status: "affected",
                     version: "48b491a5cc74333c4a6a82fe21cea42c055a3b0b",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "net/hsr/hsr_forward.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "5.13",
                  },
                  {
                     lessThan: "5.13",
                     status: "unaffected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.10.*",
                     status: "unaffected",
                     version: "5.10.231",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.15.*",
                     status: "unaffected",
                     version: "5.15.174",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.1.*",
                     status: "unaffected",
                     version: "6.1.120",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.6.*",
                     status: "unaffected",
                     version: "6.6.66",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.12.*",
                     status: "unaffected",
                     version: "6.12.5",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "6.13",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hsr: avoid potential out-of-bound access in fill_frame_info()\n\nsyzbot is able to feed a packet with 14 bytes, pretending\nit is a vlan one.\n\nSince fill_frame_info() is relying on skb->mac_len already,\nextend the check to cover this case.\n\nBUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:709 [inline]\n BUG: KMSAN: uninit-value in hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724\n  fill_frame_info net/hsr/hsr_forward.c:709 [inline]\n  hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724\n  hsr_dev_xmit+0x2f0/0x350 net/hsr/hsr_device.c:235\n  __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n  netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n  xmit_one net/core/dev.c:3590 [inline]\n  dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606\n  __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434\n  dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n  packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n  packet_snd net/packet/af_packet.c:3146 [inline]\n  packet_sendmsg+0x91ae/0xa6f0 net/packet/af_packet.c:3178\n  sock_sendmsg_nosec net/socket.c:711 [inline]\n  __sock_sendmsg+0x30f/0x380 net/socket.c:726\n  __sys_sendto+0x594/0x750 net/socket.c:2197\n  __do_sys_sendto net/socket.c:2204 [inline]\n  __se_sys_sendto net/socket.c:2200 [inline]\n  __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200\n  x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n  slab_post_alloc_hook mm/slub.c:4091 [inline]\n  slab_alloc_node mm/slub.c:4134 [inline]\n  kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\n  kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n  __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n  alloc_skb include/linux/skbuff.h:1323 [inline]\n  alloc_skb_with_frags+0xc8/0xd00 net/core/skbuff.c:6612\n  sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2881\n  packet_alloc_skb net/packet/af_packet.c:2995 [inline]\n  packet_snd net/packet/af_packet.c:3089 [inline]\n  packet_sendmsg+0x74c6/0xa6f0 net/packet/af_packet.c:3178\n  sock_sendmsg_nosec net/socket.c:711 [inline]\n  __sock_sendmsg+0x30f/0x380 net/socket.c:726\n  __sys_sendto+0x594/0x750 net/socket.c:2197\n  __do_sys_sendto net/socket.c:2204 [inline]\n  __se_sys_sendto net/socket.c:2200 [inline]\n  __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200\n  x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-20T06:25:00.954Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/aa632691c722a123e47ccd05a3afdd5f87a36061",
            },
            {
               url: "https://git.kernel.org/stable/c/c6e778901d0055356c4fb223058364cae731494a",
            },
            {
               url: "https://git.kernel.org/stable/c/6bb5c8ebc99f0671dbd3c9408ebaf935c3951186",
            },
            {
               url: "https://git.kernel.org/stable/c/3c215663b3e27a3b08cefcaea623ff54c70c8035",
            },
            {
               url: "https://git.kernel.org/stable/c/7ea527fbd7b94d0bee64a0a7e98279bcc654b322",
            },
            {
               url: "https://git.kernel.org/stable/c/b9653d19e556c6afd035602927a93d100a0d7644",
            },
         ],
         title: "net: hsr: avoid potential out-of-bound access in fill_frame_info()",
         x_generator: {
            engine: "bippy-5f407fcff5a0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2024-56648",
      datePublished: "2024-12-27T15:02:48.687Z",
      dateReserved: "2024-12-27T15:00:39.840Z",
      dateUpdated: "2025-01-20T06:25:00.954Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-46818 (GCVE-0-2024-46818)

Vulnerability from cvelistv5

Published

2024-09-27 12:35

Modified

2024-12-19 09:23

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8520fdc8ecc38f240a8e9e7af89cca6739c3e790
	https://git.kernel.org/stable/c/40c2e8bc117cab8bca8814735f28a8b121654a84
	https://git.kernel.org/stable/c/0184cca30cad74d88f5c875d4e26999e26325700
	https://git.kernel.org/stable/c/276e3fd93e3beb5894eb1cc8480f9f417d51524d
	https://git.kernel.org/stable/c/08e7755f754e3d2cef7d3a7da538d33526bd6f7c
	https://git.kernel.org/stable/c/3d4198ab612ad48f73383ad3bb5663e6f0cdf406
	https://git.kernel.org/stable/c/2a5626eeb3b5eec7a36886f9556113dd93ec8ed6

Impacted products

Vendor

Product

Version

▼

Linux

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-46818",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-29T14:15:06.184629Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-29T14:15:15.550Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "8520fdc8ecc38f240a8e9e7af89cca6739c3e790",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "40c2e8bc117cab8bca8814735f28a8b121654a84",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "0184cca30cad74d88f5c875d4e26999e26325700",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "276e3fd93e3beb5894eb1cc8480f9f417d51524d",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "08e7755f754e3d2cef7d3a7da538d33526bd6f7c",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "3d4198ab612ad48f73383ad3bb5663e6f0cdf406",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "2a5626eeb3b5eec7a36886f9556113dd93ec8ed6",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "drivers/gpu/drm/amd/display/dc/gpio/gpio_service.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThanOrEqual: "5.4.*",
                     status: "unaffected",
                     version: "5.4.284",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.10.*",
                     status: "unaffected",
                     version: "5.10.226",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.15.*",
                     status: "unaffected",
                     version: "5.15.167",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.1.*",
                     status: "unaffected",
                     version: "6.1.109",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.6.*",
                     status: "unaffected",
                     version: "6.6.50",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.10.*",
                     status: "unaffected",
                     version: "6.10.9",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "6.11",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check gpio_id before used as array index\n\n[WHY & HOW]\nGPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore\nshould be checked in advance.\n\nThis fixes 5 OVERRUN issues reported by Coverity.",
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-19T09:23:48.499Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/8520fdc8ecc38f240a8e9e7af89cca6739c3e790",
            },
            {
               url: "https://git.kernel.org/stable/c/40c2e8bc117cab8bca8814735f28a8b121654a84",
            },
            {
               url: "https://git.kernel.org/stable/c/0184cca30cad74d88f5c875d4e26999e26325700",
            },
            {
               url: "https://git.kernel.org/stable/c/276e3fd93e3beb5894eb1cc8480f9f417d51524d",
            },
            {
               url: "https://git.kernel.org/stable/c/08e7755f754e3d2cef7d3a7da538d33526bd6f7c",
            },
            {
               url: "https://git.kernel.org/stable/c/3d4198ab612ad48f73383ad3bb5663e6f0cdf406",
            },
            {
               url: "https://git.kernel.org/stable/c/2a5626eeb3b5eec7a36886f9556113dd93ec8ed6",
            },
         ],
         title: "drm/amd/display: Check gpio_id before used as array index",
         x_generator: {
            engine: "bippy-5f407fcff5a0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2024-46818",
      datePublished: "2024-09-27T12:35:59.187Z",
      dateReserved: "2024-09-11T15:12:18.284Z",
      dateUpdated: "2024-12-19T09:23:48.499Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2022-48911 (GCVE-0-2022-48911)

Vulnerability from cvelistv5

Published

2024-08-22 01:31

Modified

2024-12-19 08:10

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet and need to indicate an error. The packet will be dropped by the caller. v2: split skb prefetch hunk into separate change

References

▼	URL	Tags
	https://git.kernel.org/stable/c/21b27b2baa27423286e9b8d3f0b194d587083d95
	https://git.kernel.org/stable/c/ef97921ccdc243170fcef857ba2a17cf697aece5
	https://git.kernel.org/stable/c/34dc4a6a7f261736ef7183868a5bddad31c7f9e3
	https://git.kernel.org/stable/c/43c25da41e3091b31a906651a43e80a2719aa1ff
	https://git.kernel.org/stable/c/4d05239203fa38ea8a6f31e228460da4cb17a71a
	https://git.kernel.org/stable/c/dd648bd1b33a828f62befa696b206c688da0ec43
	https://git.kernel.org/stable/c/dcc3cb920bf7ba66ac5e9272293a9ba5f80917ee
	https://git.kernel.org/stable/c/c3873070247d9e3c7a6b0cf9bf9b45e8018427b1

Impacted products

Vendor

Product

Version

▼

Linux

Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d
Version: 271b72c7fa82c2c7a795bc16896149933110672d

Linux

Version: 2.6.29

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-48911",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-10T15:34:00.950489Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-12T17:33:02.033Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "include/net/netfilter/nf_queue.h",
                  "net/netfilter/nf_queue.c",
                  "net/netfilter/nfnetlink_queue.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "21b27b2baa27423286e9b8d3f0b194d587083d95",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "ef97921ccdc243170fcef857ba2a17cf697aece5",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "34dc4a6a7f261736ef7183868a5bddad31c7f9e3",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "43c25da41e3091b31a906651a43e80a2719aa1ff",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "4d05239203fa38ea8a6f31e228460da4cb17a71a",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "dd648bd1b33a828f62befa696b206c688da0ec43",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "dcc3cb920bf7ba66ac5e9272293a9ba5f80917ee",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
                  {
                     lessThan: "c3873070247d9e3c7a6b0cf9bf9b45e8018427b1",
                     status: "affected",
                     version: "271b72c7fa82c2c7a795bc16896149933110672d",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "include/net/netfilter/nf_queue.h",
                  "net/netfilter/nf_queue.c",
                  "net/netfilter/nfnetlink_queue.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "2.6.29",
                  },
                  {
                     lessThan: "2.6.29",
                     status: "unaffected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "4.9.*",
                     status: "unaffected",
                     version: "4.9.305",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "4.14.*",
                     status: "unaffected",
                     version: "4.14.270",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "4.19.*",
                     status: "unaffected",
                     version: "4.19.233",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.4.*",
                     status: "unaffected",
                     version: "5.4.183",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.10.*",
                     status: "unaffected",
                     version: "5.10.104",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.15.*",
                     status: "unaffected",
                     version: "5.15.27",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.16.*",
                     status: "unaffected",
                     version: "5.16.13",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "5.17",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_queue: fix possible use-after-free\n\nEric Dumazet says:\n  The sock_hold() side seems suspect, because there is no guarantee\n  that sk_refcnt is not already 0.\n\nOn failure, we cannot queue the packet and need to indicate an\nerror.  The packet will be dropped by the caller.\n\nv2: split skb prefetch hunk into separate change",
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-19T08:10:20.853Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/21b27b2baa27423286e9b8d3f0b194d587083d95",
            },
            {
               url: "https://git.kernel.org/stable/c/ef97921ccdc243170fcef857ba2a17cf697aece5",
            },
            {
               url: "https://git.kernel.org/stable/c/34dc4a6a7f261736ef7183868a5bddad31c7f9e3",
            },
            {
               url: "https://git.kernel.org/stable/c/43c25da41e3091b31a906651a43e80a2719aa1ff",
            },
            {
               url: "https://git.kernel.org/stable/c/4d05239203fa38ea8a6f31e228460da4cb17a71a",
            },
            {
               url: "https://git.kernel.org/stable/c/dd648bd1b33a828f62befa696b206c688da0ec43",
            },
            {
               url: "https://git.kernel.org/stable/c/dcc3cb920bf7ba66ac5e9272293a9ba5f80917ee",
            },
            {
               url: "https://git.kernel.org/stable/c/c3873070247d9e3c7a6b0cf9bf9b45e8018427b1",
            },
         ],
         title: "netfilter: nf_queue: fix possible use-after-free",
         x_generator: {
            engine: "bippy-5f407fcff5a0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2022-48911",
      datePublished: "2024-08-22T01:31:07.463Z",
      dateReserved: "2024-08-21T06:06:23.294Z",
      dateUpdated: "2024-12-19T08:10:20.853Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-50302 (GCVE-0-2024-50302)

Vulnerability from cvelistv5

Published

2024-11-19 01:30

Modified

2025-03-05 04:55

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26
	https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5
	https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46
	https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf
	https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b
	https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191
	https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648
	https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552

Impacted products

Vendor

Product

Version

▼

Linux

Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca
Version: 27ce405039bfe6d3f4143415c638f56a3df77dca

Linux

Version: 3.12

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "LOCAL",
                     availabilityImpact: "HIGH",
                     baseScore: 7.8,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-50302",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-04T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2025-03-04",
                        reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
                     },
                     type: "kev",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-908",
                        description: "CWE-908 Use of Uninitialized Resource",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T04:55:25.599Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            timeline: [
               {
                  lang: "en",
                  time: "2025-03-04T00:00:00+00:00",
                  value: "CVE-2024-50302 added to CISA KEV",
               },
            ],
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "drivers/hid/hid-core.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "e7ea60184e1e88a3c9e437b3265cbb6439aa7e26",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "3f9e88f2672c4635960570ee9741778d4135ecf5",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "d7dc68d82ab3fcfc3f65322465da3d7031d4ab46",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "05ade5d4337867929e7ef664e7ac8e0c734f1aaf",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "1884ab3d22536a5c14b17c78c2ce76d1734e8b0b",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "9d9f5c75c0c7f31766ec27d90f7a6ac673193191",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "492015e6249fbcd42138b49de3c588d826dd9648",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
                  {
                     lessThan: "177f25d1292c7e16e1199b39c85480f7f8815552",
                     status: "affected",
                     version: "27ce405039bfe6d3f4143415c638f56a3df77dca",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "drivers/hid/hid-core.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "3.12",
                  },
                  {
                     lessThan: "3.12",
                     status: "unaffected",
                     version: "0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "4.19.*",
                     status: "unaffected",
                     version: "4.19.324",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.4.*",
                     status: "unaffected",
                     version: "5.4.286",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.10.*",
                     status: "unaffected",
                     version: "5.10.230",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.15.*",
                     status: "unaffected",
                     version: "5.15.172",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.1.*",
                     status: "unaffected",
                     version: "6.1.117",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.6.*",
                     status: "unaffected",
                     version: "6.6.61",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.11.*",
                     status: "unaffected",
                     version: "6.11.8",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "6.12",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report.",
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-19T09:37:46.944Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26",
            },
            {
               url: "https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5",
            },
            {
               url: "https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46",
            },
            {
               url: "https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf",
            },
            {
               url: "https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b",
            },
            {
               url: "https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191",
            },
            {
               url: "https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648",
            },
            {
               url: "https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552",
            },
         ],
         title: "HID: core: zero-initialize the report buffer",
         x_generator: {
            engine: "bippy-5f407fcff5a0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2024-50302",
      datePublished: "2024-11-19T01:30:51.300Z",
      dateReserved: "2024-10-21T19:36:19.987Z",
      dateUpdated: "2025-03-05T04:55:25.599Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-46815 (GCVE-0-2024-46815)

Vulnerability from cvelistv5

Published

2024-09-27 12:35

Modified

2024-12-19 09:23

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an OVERRUN issue reported by Coverity.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a72d4996409569027b4609414a14a87679b12267
	https://git.kernel.org/stable/c/7c47dd2e92341f2989ab73dbed07f8894593ad7b
	https://git.kernel.org/stable/c/c4a7f7c0062fe2c73f70bb7e335199e25bd71492
	https://git.kernel.org/stable/c/b36e9b3104c4ba0f2f5dd083dcf6159cb316c996
	https://git.kernel.org/stable/c/21f9cb44f8c60bf6c26487d428b1a09ad3e8aebf
	https://git.kernel.org/stable/c/6a4a08e45e614cfa7a56498cdfaeb7fae2f07fa0
	https://git.kernel.org/stable/c/b38a4815f79b87efb196cd5121579fc51e29a7fb

Impacted products

Vendor

Product

Version

▼

Linux

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-46815",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-29T14:18:10.423569Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-29T14:18:21.693Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Linux",
               programFiles: [
                  "drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThan: "a72d4996409569027b4609414a14a87679b12267",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "7c47dd2e92341f2989ab73dbed07f8894593ad7b",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "c4a7f7c0062fe2c73f70bb7e335199e25bd71492",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "b36e9b3104c4ba0f2f5dd083dcf6159cb316c996",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "21f9cb44f8c60bf6c26487d428b1a09ad3e8aebf",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "6a4a08e45e614cfa7a56498cdfaeb7fae2f07fa0",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
                  {
                     lessThan: "b38a4815f79b87efb196cd5121579fc51e29a7fb",
                     status: "affected",
                     version: "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
                     versionType: "git",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "Linux",
               programFiles: [
                  "drivers/gpu/drm/amd/display/dc/clk_mgr/dcn21/rn_clk_mgr.c",
               ],
               repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
               vendor: "Linux",
               versions: [
                  {
                     lessThanOrEqual: "5.4.*",
                     status: "unaffected",
                     version: "5.4.284",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.10.*",
                     status: "unaffected",
                     version: "5.10.226",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "5.15.*",
                     status: "unaffected",
                     version: "5.15.167",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.1.*",
                     status: "unaffected",
                     version: "6.1.109",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.6.*",
                     status: "unaffected",
                     version: "6.6.50",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.10.*",
                     status: "unaffected",
                     version: "6.10.9",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "*",
                     status: "unaffected",
                     version: "6.11",
                     versionType: "original_commit_for_fix",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]\n\n[WHY & HOW]\nnum_valid_sets needs to be checked to avoid a negative index when\naccessing reader_wm_sets[num_valid_sets - 1].\n\nThis fixes an OVERRUN issue reported by Coverity.",
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-12-19T09:23:44.876Z",
            orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            shortName: "Linux",
         },
         references: [
            {
               url: "https://git.kernel.org/stable/c/a72d4996409569027b4609414a14a87679b12267",
            },
            {
               url: "https://git.kernel.org/stable/c/7c47dd2e92341f2989ab73dbed07f8894593ad7b",
            },
            {
               url: "https://git.kernel.org/stable/c/c4a7f7c0062fe2c73f70bb7e335199e25bd71492",
            },
            {
               url: "https://git.kernel.org/stable/c/b36e9b3104c4ba0f2f5dd083dcf6159cb316c996",
            },
            {
               url: "https://git.kernel.org/stable/c/21f9cb44f8c60bf6c26487d428b1a09ad3e8aebf",
            },
            {
               url: "https://git.kernel.org/stable/c/6a4a08e45e614cfa7a56498cdfaeb7fae2f07fa0",
            },
            {
               url: "https://git.kernel.org/stable/c/b38a4815f79b87efb196cd5121579fc51e29a7fb",
            },
         ],
         title: "drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]",
         x_generator: {
            engine: "bippy-5f407fcff5a0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      assignerShortName: "Linux",
      cveId: "CVE-2024-46815",
      datePublished: "2024-09-27T12:35:57.062Z",
      dateReserved: "2024-09-11T15:12:18.283Z",
      dateUpdated: "2024-12-19T09:23:44.876Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

CVE-2024-56648 (GCVE-0-2024-56648)

Vulnerability from cvelistv5

CVE-2024-46818 (GCVE-0-2024-46818)

Vulnerability from cvelistv5

CVE-2022-48911 (GCVE-0-2022-48911)

Vulnerability from cvelistv5

CVE-2024-50302 (GCVE-0-2024-50302)

Vulnerability from cvelistv5

CVE-2024-46815 (GCVE-0-2024-46815)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature