rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-38538 | Hig | 7.1 | < 5.14.21-150500.55.83.1 | 5.14.21-150500.55.83.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we | |
| CVE-2024-36978 | Hig | 7.8 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw | |
| CVE-2024-36975 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2. | |
| CVE-2024-36974 | Hig | 7.8 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k | |
| CVE-2024-36971 | Hig | 7.8 | KEV | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca |
| CVE-2024-36969 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves | |
| CVE-2024-36967 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case. | |
| CVE-2024-36965 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size th | |
| CVE-2024-36964 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s | |
| CVE-2024-36962 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from n | |
| CVE-2024-36960 | Hig | 7.1 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent structure i | |
| CVE-2024-36959 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping op | |
| CVE-2024-36957 | Med | 5.5 | < 5.14.21-150500.55.88.1 | 5.14.21-150500.55.88.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these c | |
| CVE-2024-36955 | Hig | 7.7 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mentions this important point: " The caller is responsible for calling fwnode_handle_pu | |
| CVE-2024-36954 | Med | 5.5 | < 5.14.21-150500.55.88.1 | 5.14.21-150500.55.88.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path. | |
| CVE-2024-36953 | Med | 5.5 | < 5.14.21-150500.55.88.1 | 5.14.21-150500.55.88.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID | |
| CVE-2024-36952 | Med | 4.7 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vpo | |
| CVE-2024-36950 | Med | 4.4 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a | |
| CVE-2024-36949 | Med | 4.7 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all d | |
| CVE-2024-36947 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thi |
- affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2.
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case.
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size th
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from n
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent structure i
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping op
- affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these c
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mentions this important point: " The caller is responsible for calling fwnode_handle_pu
- affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1
In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path.
- affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vpo
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all d
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thi
Page 169 of 236