VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (4,709)

  • CVE-2023-52612HigMar 18, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem.

  • CVE-2023-52610MedMar 18, 2024
    affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph w

  • CVE-2023-28746MedMar 14, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2024-26629MedMar 13, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER The test on so_count in nfsd4_release_lockowner() is nonsense and harmful. Revert to using check_for_locks(), changing that to not sleep. First: harmful. As is documented in the kd

  • CVE-2023-52608MedMar 13, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Check mailbox/SMT channel for consistency On reception of a completion interrupt the shared memory area is accessed to retrieve the message header at first and then, if the message sequence

  • CVE-2024-26620HigMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfio_ap_mdev_filter_matrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of the function is to update the guest's AP c

  • CVE-2024-26615MedMar 11, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1

  • CVE-2024-26614MedMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU:

  • CVE-2024-26612MedMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). Check first, then dereference.

  • CVE-2024-26610HigMar 11, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the

  • CVE-2023-52498MedMar 11, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because async_schedule_dev() executes its argument function

  • CVE-2023-52494HigMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "is_valid_ring_ptr" to make sure it is in the buffer range, but there is another risk the pointe

  • CVE-2023-52493MedMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parse_xfer_event() such that a callback given to clie

  • CVE-2023-52492MedMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure, chan->local is freed (with free_percpu()), and chan->local is nullified. When d

  • CVE-2023-52489MedMar 11, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA

  • CVE-2023-52488MedMar 11, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d

  • CVE-2023-52486MedMar 11, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from

  • CVE-2024-26627MedMar 6, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Inside scsi_eh_wakeup(), scsi_host_busy() is called & checked with host lock every time for deciding if error handler kthread needs to

  • CVE-2024-26625HigMar 6, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after cal

  • CVE-2023-52607MedMar 6, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the p

Page 216 of 236