suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP7

Vulnerabilities (2,262)

• CVE-2024-56702Dec 28, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Mark raw_tp arguments with PTR_MAYBE_NULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint ar

• CVE-2024-56699Dec 28, 2024
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix potential double remove of hotplug slot In commit 6ee600bfbe0f ("s390/pci: remove hotplug slot when releasing the device") the zpci_exit_slot() was moved from zpci_device_reserved() to zpci_releas

• CVE-2024-56641Dec 27, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize close_work early to avoid warning We encountered a warning that close_work was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x

• CVE-2024-56640Dec 27, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access uns

• CVE-2024-56638Dec 27, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh

• CVE-2024-56613Dec 27, 2024
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: sched/numa: fix memory leak due to the overwritten vma->numab_state [Problem Description] When running the hackbench program of LTP, the following memory leak is reported by kmemleak. # /opt/ltp/testcases/bi

• CVE-2024-56541Dec 27, 2024
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() During ath12k module removal, in ath12k_core_deinit(), ath12k_mac_destroy() un-registers ah->hw from mac80211 and frees the ah->hw as well as all the a

• CVE-2024-53163Dec 24, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an out of bounds access.

• CVE-2024-53149Dec 24, 2024
  affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

  In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing

• CVE-2024-53140Dec 4, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual

• CVE-2024-53139Dec 4, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: sctp: fix possible UAF in sctp_v6_available() A lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints that sctp_v6_available() is calling dev_get_by_index_rcu() and ipv6_chk_addr() without holding rcu. [1] ==

• CVE-2024-53124MedDec 2, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules

• CVE-2024-53057HigNov 19, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

• CVE-2024-53070Nov 19, 2024
  affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

  In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. A

• CVE-2024-53063Nov 19, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_

• CVE-2024-50293Nov 19, 2024
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in __smc_create() Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found an issue with AF_SMC: smc_cr

• CVE-2024-50290Nov 19, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that.

• CVE-2024-50223Nov 9, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null pointer dereference error in task_numa_work(). Here is the backtrace: [323676.0

• CVE-2024-50140Nov 7, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function c

• CVE-2024-50126Nov 5, 2024
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6