rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50199 | Med | 5.5 | < 5.14.21-150400.24.150.1 | 5.14.21-150400.24.150.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and | |
| CVE-2024-50154 | Hig | 7.0 | < 5.14.21-150400.24.144.1 | 5.14.21-150400.24.144.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc | |
| CVE-2024-50143 | Hig | 7.8 | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch repro | |
| CVE-2024-50128 | Hig | 7.1 | < 5.14.21-150400.24.153.1 | 5.14.21-150400.24.153.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as | |
| CVE-2024-50127 | Hig | 7.8 | < 5.14.21-150400.24.144.1 | 5.14.21-150400.24.144.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre | |
| CVE-2024-50125 | Hig | 7.8 | < 5.14.21-150400.24.144.1 | 5.14.21-150400.24.144.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list. | |
| CVE-2024-50115 | Hig | 7.1 | < 5.14.21-150400.24.144.1 | 5.14.21-150400.24.144.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc | |
| CVE-2023-52919 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Handle memory allocation failure from nci_skb_alloc() (calling alloc_skb()) to avoid possible NULL pointer dereference. | |
| CVE-2024-50047 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt | |
| CVE-2022-49032 | Hig | 7.1 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4404_read_raw+0x2ce/0x380 Read of size 4 at addr ffffffffc00e46 | |
| CVE-2022-49031 | Hig | 7.1 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403_read_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4403_read_raw+0x42e/0x4c0 Read of size 4 at addr ffffffffc02ac638 by ta | |
| CVE-2022-49029 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ibmpex_register_bmc() warn: '&data->list' not removed from list If ibmpex_find_ | |
| CVE-2022-49028 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add destroy_workqueue() in fai | |
| CVE-2022-49027 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver() failed. Call destroy_workqueue() when pci_register_driver() failed to prevent the resourc | |
| CVE-2022-49026 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100_xmit_prepare In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so e100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will resend the s | |
| CVE-2022-49025 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the | |
| CVE-2022-49024 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods In m_can_pci_remove() and error handling path of m_can_pci_probe(), m_can_class_free_dev() should be called to free resource allocated | |
| CVE-2022-49023 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor elements, the code here assumes that 5 octets are present without checking. Since the element itself is already checked to fit, we only need to | |
| CVE-2022-49022 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_duration routine as reported by the following UBSAN report: UBSAN: array-index-out-o | |
| CVE-2022-49021 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe() failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 Oops: 0000 [#1] PRE |
- affected < 5.14.21-150400.24.150.1fixed 5.14.21-150400.24.150.1
In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and
- affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc
- affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch repro
- affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as
- affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre
- affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.
- affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Handle memory allocation failure from nci_skb_alloc() (calling alloc_skb()) to avoid possible NULL pointer dereference.
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4404_read_raw+0x2ce/0x380 Read of size 4 at addr ffffffffc00e46
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403_read_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4403_read_raw+0x42e/0x4c0 Read of size 4 at addr ffffffffc02ac638 by ta
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails Smatch report warning as follows: drivers/hwmon/ibmpex.c:509 ibmpex_register_bmc() warn: '&data->list' not removed from list If ibmpex_find_
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add destroy_workqueue() in fai
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver() failed. Call destroy_workqueue() when pci_register_driver() failed to prevent the resourc
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: e100: Fix possible use after free in e100_xmit_prepare In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so e100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will resend the s
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods In m_can_pci_remove() and error handling path of m_can_pci_probe(), m_can_class_free_dev() should be called to free resource allocated
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor elements, the code here assumes that 5 octets are present without checking. Since the element itself is already checked to fit, we only need to
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_duration routine as reported by the following UBSAN report: UBSAN: array-index-out-o
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe() failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 Oops: 0000 [#1] PRE
Page 83 of 145