rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-43830 | Hig | 7.8 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by the activate() callback and | |
| CVE-2024-43829 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference. | |
| CVE-2024-43828 | Med | 5.5 | < 5.14.21-150500.55.83.1 | 5.14.21-150500.55.83.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the re | |
| CVE-2024-43823 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and | |
| CVE-2024-43821 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer. In the following context and functi | |
| CVE-2024-43819 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontr | |
| CVE-2024-43818 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpi_get_first_physical_node() can return NULL in several cases (no such device, ACPI table error, reference count drop to 0, etc). Existing check | |
| CVE-2024-43817 | Med | 5.5 | < 5.14.21-150500.55.88.1 | 5.14.21-150500.55.88.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. After the skb_segment function the buffer may become non-linear (nr_frags != 0), but since the SK | |
| CVE-2024-43816 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages On big endian architectures, it is possible to run into a memory out of bounds pointer dereference when FCP targets are zoned. In l | |
| CVE-2024-42322 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression | |
| CVE-2024-42320 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti | |
| CVE-2024-42319 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel | |
| CVE-2024-42318 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN | |
| CVE-2024-42315 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all | |
| CVE-2024-42313 | Hig | 7.8 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part | |
| CVE-2024-42312 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip setting them. Commit 5ec27ec735ba ("fs/proc/proc_sysctl.c: fix the default values of | |
| CVE-2024-42311 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ================================== | |
| CVE-2024-42310 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on | |
| CVE-2024-42309 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref | |
| CVE-2024-42307 | Med | 5.5 | < 5.14.21-150500.55.103.1 | 5.14.21-150500.55.103.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume |
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by the activate() callback and
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference.
- affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the re
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer. In the following context and functi
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontr
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpi_get_first_physical_node() can return NULL in several cases (no such device, ACPI table error, reference count drop to 0, etc). Existing check
- affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1
In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again 1. After the skb_segment function the buffer may become non-linear (nr_frags != 0), but since the SK
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages On big endian architectures, it is possible to run into a memory out of bounds pointer dereference when FCP targets are zoned. In l
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip setting them. Commit 5ec27ec735ba ("fs/proc/proc_sysctl.c: fix the default values of
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ==================================
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref
- affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume
Page 143 of 236