VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (4,709)

  • CVE-2024-50007HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This pa

  • CVE-2024-50006MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates

  • CVE-2024-50003MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix system hang while resume with TBT monitor [Why] Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during t

  • CVE-2024-50002MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the static calls in a module. static_call_add_module() invokes __sta

  • CVE-2024-50001MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This cou

  • CVE-2024-50000MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field. Found by Linux Verifica

  • CVE-2024-49996HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseData

  • CVE-2024-49991HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set

  • CVE-2024-49989HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be freed. Otherwise, a double

  • CVE-2024-49985MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume In case there is any sort of clock controller attached to this I2C bus controller, for example Versaclock or even an AIC32x4 I2C codec,

  • CVE-2024-49983HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(), the 'ppath' is updated but it is the 'path' that is freed, thus p

  • CVE-2024-49982HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of d

  • CVE-2024-49981HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in venus_remove due to race condition in venus_probe, core->work is bound with venus_sys_error_handler, which is used to handle error. The code use core->sys_err_done to mak

  • CVE-2024-49975MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "[uprobes]" vma xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into userspace. On some architectures (x86) this memory is readable even without VM_R

  • CVE-2024-49974MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit

  • CVE-2024-49973MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated m

  • CVE-2024-49969HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_hw_format` function in the DCN30 color ma

  • CVE-2024-49968MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash When mounting the ext4 filesystem, if the default hash version is set to DX_HASH_SIPHASH but the casefold feature is not set, exit the m

  • CVE-2024-49966HigOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: cancel dqi_sync_work before freeing oinfo ocfs2_global_read_info() will initialize and schedule dqi_sync_work at the end, if error occurs after successfully reading global quota, it will trigger the foll

  • CVE-2024-49965MedOct 21, 2024
    affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove unreasonable unlock in ocfs2_read_blocks Patch series "Misc fixes for ocfs2_read_blocks", v5. This series contains 2 fixes for ocfs2_read_blocks(). The first patch fix the issue reported by syzb

Page 122 of 236