rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49035 | Med | 5.5 | < 5.14.21-150400.24.147.1 | 5.14.21-150400.24.147.1 | Jan 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. | |
| CVE-2024-56704 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique: remove confusing variable reset to 0] | |
| CVE-2024-56664 | Hig | 7.0 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona | |
| CVE-2024-56661 | Med | 5.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanup_bearer() syzbot found [1] that after blamed commit, ub->ubsock->sk was NULL when attempting the atomic_dec() : atomic_dec(&tipc_net(sock_net(ub->ubsock->sk))->wq_count); Fix th | |
| CVE-2024-56658 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->x | |
| CVE-2024-56651 | Hig | 7.8 | < 5.14.21-150400.24.161.1 | 5.14.21-150400.24.161.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110_can_ist(): fix potential use-after-free The commit a22bd630cfff ("can: hi311x: do not report txerr and rxerr during bus-off") removed the reporting of rxerr and txerr even in case of correct | |
| CVE-2024-56650 | Hig | 7.1 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta | |
| CVE-2024-56648 | Med | 5.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend | |
| CVE-2024-56645 | Med | 5.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new skb, do the same for the initial one in j1939_session_new() to avoid refcount und | |
| CVE-2024-56642 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanup_bearer() without repro. [0][1] When bearer_disable() calls tipc_udp_disable(), | |
| CVE-2024-56631 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockde | |
| CVE-2024-56623 | Med | 5.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On settin | |
| CVE-2024-56619 | Hig | 7.8 | < 5.14.21-150400.24.147.1 | 5.14.21-150400.24.147.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access | |
| CVE-2024-56605 | Hig | 7.8 | < 5.14.21-150400.24.147.1 | 5.14.21-150400.24.147.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o | |
| CVE-2024-56604 | Hig | 7.8 | < 5.14.21-150400.24.147.1 | 5.14.21-150400.24.147.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but l | |
| CVE-2024-56602 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to the provided sock object. If ieee802154_create() fails later, the allocated sk obj | |
| CVE-2024-56601 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o | |
| CVE-2024-56600 | Hig | 7.8 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the | |
| CVE-2024-56598 | Hig | 7.8 | < 5.14.21-150400.24.147.1 | 5.14.21-150400.24.147.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case. | |
| CVE-2024-56570 | Hig | 7.8 | < 5.14.21-150400.24.147.1 | 5.14.21-150400.24.147.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such |
- affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1
In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case.
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique: remove confusing variable reset to 0]
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanup_bearer() syzbot found [1] that after blamed commit, ub->ubsock->sk was NULL when attempting the atomic_dec() : atomic_dec(&tipc_net(sock_net(ub->ubsock->sk))->wq_count); Fix th
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->x
- affected < 5.14.21-150400.24.161.1fixed 5.14.21-150400.24.161.1
In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110_can_ist(): fix potential use-after-free The commit a22bd630cfff ("can: hi311x: do not report txerr and rxerr during bus-off") removed the reporting of rxerr and txerr even in case of correct
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new skb, do the same for the initial one in j1939_session_new() to avoid refcount und
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanup_bearer() without repro. [0][1] When bearer_disable() calls tipc_udp_disable(),
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockde
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On settin
- affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access
- affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o
- affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but l
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to the provided sock object. If ieee802154_create() fails later, the allocated sk obj
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the
- affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1
In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case.
- affected < 5.14.21-150400.24.147.1fixed 5.14.21-150400.24.147.1
In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such
Page 80 of 145