rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47633 | Hig | 7.1 | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in the loop, idx can go up t | |
| CVE-2021-47632 | Med | 5.5 | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr() Commit 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines") included a spin_lock() to change_page_attr() in order to safely perform the | |
| CVE-2021-47631 | Med | 5.5 | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmetto-bmc machine: Unable to | |
| CVE-2022-28693 | Med | 4.7 | < 5.14.21-150400.24.21.2 | 5.14.21-150400.24.21.2 | Feb 14, 2025 | Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | |
| CVE-2025-21699 | Med | 5.5 | < 5.14.21-150400.24.153.1 | 5.14.21-150400.24.153.1 | Feb 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buf | |
| CVE-2025-21693 | Hig | 7.8 | < 5.14.21-150400.24.161.1 | 5.14.21-150400.24.161.1 | Feb 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the current CPU at the beginning of the operation is retrieved and use | |
| CVE-2025-21692 | Hig | 7.8 | < 5.14.21-150400.24.153.1 | 5.14.21-150400.24.153.1 | Feb 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo | |
| CVE-2025-21690 | Med | 5.5 | < 5.14.21-150400.24.153.1 | 5.14.21-150400.24.153.1 | Feb 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preve | |
| CVE-2024-57948 | Med | 5.5 | < 5.14.21-150400.24.153.1 | 5.14.21-150400.24.153.1 | Jan 31, 2025 | In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardwar | |
| CVE-2024-57947 | Med | 5.5 | < 5.14.21-150400.24.173.1 | 5.14.21-150400.24.173.1 | Jan 23, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea | |
| CVE-2025-21658 | Med | 5.5 | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Jan 21, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dere | |
| CVE-2023-52923 | Med | 5.5 | < 5.14.21-150400.24.173.1 | 5.14.21-150400.24.173.1 | Jan 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle | |
| CVE-2024-57897 | Med | 5.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize | |
| CVE-2024-57893 | Med | 6.3 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal | |
| CVE-2024-54031 | Med | 5.5 | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Access to genmask field in struct nft_set_ext results in unaligned atomic read: [ 72.130109] Unable to handle kernel paging request at vir | |
| CVE-2024-57849 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP | |
| CVE-2024-57798 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot | |
| CVE-2024-57792 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is b | |
| CVE-2024-57791 | Hig | 7.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no | |
| CVE-2024-56759 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled |
- affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in the loop, idx can go up t
- affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/set_memory: Avoid spinlock recursion in change_page_attr() Commit 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines") included a spin_lock() to change_page_attr() in order to safely perform the
- affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmetto-bmc machine: Unable to
- affected < 5.14.21-150400.24.21.2fixed 5.14.21-150400.24.21.2
Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
- affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buf
- affected < 5.14.21-150400.24.161.1fixed 5.14.21-150400.24.161.1
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the current CPU at the beginning of the operation is retrieved and use
- affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
- affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preve
- affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1
In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardwar
- affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
- affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dere
- affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
- affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Access to genmask field in struct nft_set_ext results in unaligned atomic read: [ 72.130109] Unable to handle kernel paging request at vir
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is b
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
Page 79 of 145