rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52443 | Med | 5.5 | < 5.14.21-150500.55.52.1 | 5.14.21-150500.55.52.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string | |
| CVE-2024-26585 | Med | 4.7 | < 5.14.21-150500.55.52.1 | 5.14.21-150500.55.52.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling | |
| CVE-2024-26584 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | |
| CVE-2024-26583 | Med | 4.7 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch | |
| CVE-2023-52439 | Hig | 7.8 | < 5.14.21-150500.55.52.1 | 5.14.21-150500.55.52.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_device uio_open idev = idr_find() device_unregister(&idev->dev) put_device(&idev- | |
| CVE-2023-52435 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computation in skb_segment() can | |
| CVE-2024-26581 | Hig | 7.8 | < 5.14.21-150500.55.136.1 | 5.14.21-150500.55.136.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not | |
| CVE-2023-52433 | Med | 4.4 | < 5.14.21-150500.55.136.1 | 5.14.21-150500.55.136.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig | |
| CVE-2024-25744 | Hig | 8.8 | < 5.14.21-150500.55.52.1 | 5.14.21-150500.55.52.1 | Feb 12, 2024 | In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c. | |
| CVE-2024-25741 | Med | 5.5 | < 5.14.21-150500.55.73.1 | 5.14.21-150500.55.73.1 | Feb 12, 2024 | printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact. | |
| CVE-2024-25739 | Med | 5.5 | < 5.14.21-150500.55.59.1 | 5.14.21-150500.55.59.1 | Feb 12, 2024 | create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |
| CVE-2023-52429 | Med | 5.5 | < 5.14.21-150500.55.52.1 | 5.14.21-150500.55.52.1 | Feb 12, 2024 | dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | |
| CVE-2024-1151 | Med | 5.5 | < 5.14.21-150500.55.52.1 | 5.14.21-150500.55.52.1 | Feb 11, 2024 | A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo | |
| CVE-2023-6536 | Med | 6.5 | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Feb 7, 2024 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial | |
| CVE-2023-6535 | Med | 6.5 | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Feb 7, 2024 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial | |
| CVE-2023-6356 | Med | 6.5 | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Feb 7, 2024 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a deni | |
| CVE-2024-24860 | Med | 4.6 | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Feb 5, 2024 | A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. | |
| CVE-2024-1086 | Hig | 7.8 | KEV | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Jan 31, 2024 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau |
| CVE-2024-1085 | Hig | 7.8 | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Jan 31, 2024 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the | |
| CVE-2023-46838 | Hig | 7.5 | < 5.14.21-150500.55.49.1 | 5.14.21-150500.55.49.1 | Jan 29, 2024 | Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are |
- affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1
In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string
- affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch
- affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1
In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_device uio_open idev = idr_find() device_unregister(&idev->dev) put_device(&idev-
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computation in skb_segment() can
- affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not
- affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig
- affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1
In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c.
- affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1
printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.
- affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
- affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
- affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a deni
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the
- affected < 5.14.21-150500.55.49.1fixed 5.14.21-150500.55.49.1
Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are
Page 224 of 236