rpm package
suse/kernel-livepatch-MICRO-6-0-RT_Update_3&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_3&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (247)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-38538 | — | < 1-1.2 | 1-1.2 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we | ||
| CVE-2024-36953 | — | < 1-1.2 | 1-1.2 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID | ||
| CVE-2023-52752 | — | < 1-1.2 | 1-1.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ | ||
| CVE-2024-26804 | — | < 1-1.2 | 1-1.2 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr | ||
| CVE-2024-26759 | — | < 1-1.2 | 1-1.2 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) | ||
| CVE-2024-26640 | — | < 1-1.2 | 1-1.2 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page mu | ||
| CVE-2023-52610 | — | < 1-1.2 | 1-1.2 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph w |
- CVE-2024-38538Jun 19, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we
- CVE-2024-36953May 30, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID
- CVE-2023-52752May 21, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @
- CVE-2024-26804Apr 4, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr
- CVE-2024-26759Apr 3, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0)
- CVE-2024-26640Mar 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page mu
- CVE-2023-52610Mar 18, 2024affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph w
Page 13 of 13