rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35958 | Med | 5.5 | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by | |
| CVE-2024-35955 | Hig | 8.8 | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When unloading a module, its state is changing MODULE_STATE_LIVE -> MODULE_STATE_GOING -> MODULE_STATE_UNFORMED. Each change will take a time. | |
| CVE-2024-35950 | Med | 5.5 | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo | |
| CVE-2024-36009 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). When the ax25 device is detaching, the dev_tracker of ax25_cb should be deallocated in ax25_kill_by_device() instead of the de | ||
| CVE-2024-36003 | — | < 6.4.0-150600.23.17.1 | 6.4.0-150600.23.17.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: fix LAG and VF lock dependency in ice_reset_vf() 9f74a3dfcf83 ("ice: Fix VF Reset paths when interface in a failed over aggregate"), the ice driver has acquired the LAG mutex in ice_reset_vf(). The commit | ||
| CVE-2024-36002 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_pin_on_pin_register() for multiple parent pins In scenario where pin is registered with multiple parent pins via dpll_pin_on_pin_register(..), all belonging to the same dpll device. A second call | ||
| CVE-2024-36000 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel.org/all/000000000000ee06de0616177560@google.com/ 350: lockdep_assert_held(&huge | ||
| CVE-2024-35999 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb3: missing lock when picking channel Coverity spotted a place where we should have been holding the channel lock when accessing the ses channel index. Addresses-Coverity: 1582039 ("Data race condition (MISS | ||
| CVE-2024-35998 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb3: fix lock ordering potential deadlock in cifs_sync_mid_result Coverity spotted that the cifs_sync_mid_result function could deadlock "Thread deadlock (ORDER_REVERSAL) lock_order: Calling spin_lock acquire | ||
| CVE-2024-35995 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was unc | ||
| CVE-2024-35992 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbe_phy_init_fix[fix_idx].addr' every iteration after 'fix_idx' reaches 'ARRAY_SIZE(gbe_phy_init_fix)'. Make sure 'g | ||
| CVE-2024-35991 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drain_workqueue() cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queue_wo | ||
| CVE-2024-35989 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CP | ||
| CVE-2024-35986 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The power_supply frame-work is not really designed for there to be long living in kernel references to power_supply devices. Specific | ||
| CVE-2024-35981 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: virtio_net: Do not send RSS key if it is not supported There is a bug when setting the RSS options in virtio_net that can break the whole machine, getting the kernel into an infinite loop. Running the followin | ||
| CVE-2024-35980 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fix TLBI RANGE operand KVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty pages are collected by VMM and the page table entries become write protected during live migration. Unfortu | ||
| CVE-2024-35979 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will be issued to underlying disks, however, in raid1_write_request(), r1_bio->bios[] will set | ||
| CVE-2024-35977 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). This can trigger a NULL pointer deref | ||
| CVE-2024-35975 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which added support for Round ro | ||
| CVE-2024-35974 | — | < 6.4.0-150600.23.7.3 | 6.4.0-150600.23.7.3 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q->blkg_list when calling blkcg_init_ |
- affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior ENA has two types of TX queues: - queues which only process TX packets arriving from the network stack - queues which only process TX packets forwarded to it by
- affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When unloading a module, its state is changing MODULE_STATE_LIVE -> MODULE_STATE_GOING -> MODULE_STATE_UNFORMED. Each change will take a time.
- affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo
- CVE-2024-36009May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). When the ax25 device is detaching, the dev_tracker of ax25_cb should be deallocated in ax25_kill_by_device() instead of the de
- CVE-2024-36003May 20, 2024affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1
In the Linux kernel, the following vulnerability has been resolved: ice: fix LAG and VF lock dependency in ice_reset_vf() 9f74a3dfcf83 ("ice: Fix VF Reset paths when interface in a failed over aggregate"), the ice driver has acquired the LAG mutex in ice_reset_vf(). The commit
- CVE-2024-36002May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_pin_on_pin_register() for multiple parent pins In scenario where pin is registered with multiple parent pins via dpll_pin_on_pin_register(..), all belonging to the same dpll device. A second call
- CVE-2024-36000May 20, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel.org/all/000000000000ee06de0616177560@google.com/ 350: lockdep_assert_held(&huge
- CVE-2024-35999May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: smb3: missing lock when picking channel Coverity spotted a place where we should have been holding the channel lock when accessing the ses channel index. Addresses-Coverity: 1582039 ("Data race condition (MISS
- CVE-2024-35998May 20, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
In the Linux kernel, the following vulnerability has been resolved: smb3: fix lock ordering potential deadlock in cifs_sync_mid_result Coverity spotted that the cifs_sync_mid_result function could deadlock "Thread deadlock (ORDER_REVERSAL) lock_order: Calling spin_lock acquire
- CVE-2024-35995May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was unc
- CVE-2024-35992May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbe_phy_init_fix[fix_idx].addr' every iteration after 'fix_idx' reaches 'ARRAY_SIZE(gbe_phy_init_fix)'. Make sure 'g
- CVE-2024-35991May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drain_workqueue() cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queue_wo
- CVE-2024-35989May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CP
- CVE-2024-35986May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The power_supply frame-work is not really designed for there to be long living in kernel references to power_supply devices. Specific
- CVE-2024-35981May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: virtio_net: Do not send RSS key if it is not supported There is a bug when setting the RSS options in virtio_net that can break the whole machine, getting the kernel into an infinite loop. Running the followin
- CVE-2024-35980May 20, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fix TLBI RANGE operand KVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty pages are collected by VMM and the page table entries become write protected during live migration. Unfortu
- CVE-2024-35979May 20, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will be issued to underlying disks, however, in raid1_write_request(), r1_bio->bios[] will set
- CVE-2024-35977May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). This can trigger a NULL pointer deref
- CVE-2024-35975May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which added support for Round ro
- CVE-2024-35974May 20, 2024affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3
In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q->blkg_list when calling blkcg_init_
Page 185 of 209