rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48953 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpi_install_fixed_event_handler() enables the event automatically on success, it is incorrect to call it before the handler routine passed to it | |
| CVE-2022-48951 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values | |
| CVE-2022-48949 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that in | |
| CVE-2022-48948 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT t | |
| CVE-2022-48947 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this | |
| CVE-2022-48946 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix preallocation discarding at indirect extent boundary When preallocation extent is the first one in the extent block, the code would corrupt extent tree header instead. Fix the problem and use udf_delet | |
| CVE-2024-50017 | Med | 5.5 | < 5.14.21-150400.24.144.1 | 5.14.21-150400.24.144.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the | |
| CVE-2024-49991 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set | |
| CVE-2024-49982 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of d | |
| CVE-2024-49974 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit | |
| CVE-2024-49969 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_hw_format` function in the DCN30 color ma | |
| CVE-2024-49960 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function cancels the s_err_report timer, which reminds about filesystem errors daily. We shou | |
| CVE-2024-49945 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic. | |
| CVE-2024-49936 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvif_flush_hash() During the list_for_each_entry_rcu iteration call of xenvif_flush_hash, kfree_rcu does not exist inside the rcu read critical section, so if kfree_rcu is call | |
| CVE-2024-49930 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() functi | |
| CVE-2024-49925 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UA | |
| CVE-2024-49867 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the k | |
| CVE-2024-49860 | Hig | 7.1 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory. | |
| CVE-2024-47757 | Hig | 7.1 | < 5.14.21-150400.24.144.1 | 5.14.21-150400.24.144.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete() The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b-tree entry, causes memory acc | |
| CVE-2024-47748 | Hig | 7.8 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_irq() which is problematic as we don't know if the token pointer is still valid or |
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpi_install_fixed_event_handler() enables the event automatically on success, it is incorrect to call it before the handler routine passed to it
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that in
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT t
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix preallocation discarding at indirect extent boundary When preallocation extent is the first one in the extent block, the code would corrupt extent tree header instead. Fix the problem and use udf_delet
- affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of d
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_hw_format` function in the DCN30 color ma
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function cancels the s_err_report timer, which reminds about filesystem errors daily. We shou
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic.
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvif_flush_hash() During the list_for_each_entry_rcu iteration call of xenvif_flush_hash, kfree_rcu does not exist inside the rcu read critical section, so if kfree_rcu is call
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() functi
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UA
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the k
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory.
- affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete() The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b-tree entry, causes memory acc
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_irq() which is problematic as we don't know if the token pointer is still valid or
Page 86 of 145