rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48875 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test mul | |
| CVE-2022-48873 | Hig | 7.8 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do | |
| CVE-2022-48872 | Hig | 7.0 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling fastrpc_map_get() until map->fl->lock is taken in fastrpc_free_map(), another thread can call fastrpc_map_lookup( | |
| CVE-2022-48871 | Hig | 7.1 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO (port->rx_fifo) based on default RX FIFO depth, e.g. 16. Later during serial startup the qcom | |
| CVE-2022-48870 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spk_ttyio_release Run the following tests on the qemu platform: syzkaller:~# modprobe speakup_audptr input: Speakup as /devices/virtual/input/input4 initialized device: /d | |
| CVE-2022-48869 | Med | 4.7 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the | |
| CVE-2022-48868 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes tha | |
| CVE-2024-43882 | Hig | 7.0 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer | |
| CVE-2024-43861 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | |
| CVE-2024-43854 | Med | 5.5 | < 5.14.21-150400.24.141.1 | 5.14.21-150400.24.141.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. For PI metadata this | |
| CVE-2024-43853 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro | |
| CVE-2024-42301 | Hig | 7.8 | < 5.14.21-150400.24.136.1 | 5.14.21-150400.24.136.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i | |
| CVE-2024-42271 | Hig | 7.8 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path | |
| CVE-2024-42265 | Med | 5.5 | < 5.14.21-150400.24.173.1 | 5.14.21-150400.24.173.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec | |
| CVE-2024-42240 | Med | 5.5 | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Aug 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entry_SYSENTER_compat() uses CLEAR_BRANCH_HISTORY and calls the clear | |
| CVE-2024-42232 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Aug 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can re | |
| CVE-2024-42230 | Med | 4.4 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv i | |
| CVE-2024-42229 | Med | 4.1 | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish t | |
| CVE-2024-42145 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra | |
| CVE-2024-42126 | Med | 5.5 | < 5.14.21-150400.24.133.2 | 5.14.21-150400.24.133.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int |
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test mul
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling fastrpc_map_get() until map->fl->lock is taken in fastrpc_free_map(), another thread can call fastrpc_map_lookup(
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO (port->rx_fifo) based on default RX FIFO depth, e.g. 16. Later during serial startup the qcom
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spk_ttyio_release Run the following tests on the qemu platform: syzkaller:~# modprobe speakup_audptr input: Speakup as /devices/virtual/input/input4 initialized device: /d
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes tha
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1
In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. For PI metadata this
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro
- affected < 5.14.21-150400.24.136.1fixed 5.14.21-150400.24.136.1
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path
- affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec
- affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entry_SYSENTER_compat() uses CLEAR_BRANCH_HISTORY and calls the clear
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can re
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv i
- affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish t
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra
- affected < 5.14.21-150400.24.133.2fixed 5.14.21-150400.24.133.2
In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int
Page 91 of 145