VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (2,888)

  • CVE-2021-47633HigFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in the loop, idx can go up t

  • CVE-2021-47632MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr() Commit 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines") included a spin_lock() to change_page_attr() in order to safely perform the

  • CVE-2021-47631MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmetto-bmc machine: Unable to

  • CVE-2022-28693MedFeb 14, 2025
    affected < 5.14.21-150400.24.21.2fixed 5.14.21-150400.24.21.2

    Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

  • CVE-2025-21699MedFeb 12, 2025
    affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buf

  • CVE-2025-21693HigFeb 10, 2025
    affected < 5.14.21-150400.24.161.1fixed 5.14.21-150400.24.161.1

    In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the current CPU at the beginning of the operation is retrieved and use

  • CVE-2025-21692HigFeb 10, 2025
    affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo

  • CVE-2025-21690MedFeb 10, 2025
    affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preve

  • CVE-2024-57948MedJan 31, 2025
    affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

    In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardwar

  • CVE-2024-57947MedJan 23, 2025
    affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea

  • CVE-2025-21658MedJan 21, 2025
    affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dere

  • CVE-2023-52923MedJan 20, 2025
    affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle

  • CVE-2024-57897MedJan 15, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize

  • CVE-2024-57893MedJan 15, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal

  • CVE-2024-54031MedJan 15, 2025
    affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Access to genmask field in struct nft_set_ext results in unaligned atomic read: [ 72.130109] Unable to handle kernel paging request at vir

  • CVE-2024-57849HigJan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP

  • CVE-2024-57798HigJan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot

  • CVE-2024-57792HigJan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is b

  • CVE-2024-57791HigJan 11, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no

  • CVE-2024-56759HigJan 6, 2025
    affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled

Page 79 of 145