rpm package

suse/kernel-livepatch-MICRO-6-0_Update_3&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_3&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (246)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-50124		—	< 7-1.2	7-1.2	Nov 5, 2024	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.
CVE-2024-50115		—	< 5-1.2	5-1.2	Nov 5, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
CVE-2024-49974		—	< 14-1.2	14-1.2	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit
CVE-2024-49867		—	< 11-1.2	11-1.2	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the k
CVE-2024-49855		—	< 6-1.2	6-1.2	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free
CVE-2024-47706	Med	5.5	< 11-1.2	11-1.2	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) \| Λ \| Λ \| Λ \| \|
CVE-2024-47684	Med	5.5	< 3-1.2	3-1.2	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r
CVE-2024-47674		—	< 11-1.2	11-1.2	Oct 15, 2024	In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann points out, PFN mappings are special, because unlike normal memory mappings, there is no lifetime information associated with the mapping - it
CVE-2024-46822		—	< 1-1.2	1-1.2	Sep 27, 2024	In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted th
CVE-2024-46786	Hig	7.8	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF The fscache_cookie_lru_timer is initialized when the fscache module is inserted, but is not deleted when the fscache module is removed. I
CVE-2024-46783	Med	5.5	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will result in sending a sk_msg larger than the current message size. In this case, in
CVE-2024-46759	Hig	7.8	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user.
CVE-2024-46750	Med	5.5	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is this sequence: WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pci_bridge_seco
CVE-2024-46746	Hig	7.8	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid device HID driver callbacks aren't called anymore once hid_destroy_device() has been called. Hence, hid driver_data should be freed only after the hid_destroy
CVE-2024-46745	Med	5.5	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failur
CVE-2024-46744	Hig	7.8	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read
CVE-2024-46743	Hig	7.1	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of_irq_parse_raw() is invoked with a device address smaller than the interrupt parent node (from #address-cells property), KASAN dete
CVE-2024-46725	Hig	7.8	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix the out-of-bounds write warning
CVE-2024-46715	Med	5.5	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysf
CVE-2024-46798		—	< 1-1.2	1-1.2	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object When using kernel with the following extra config, - CONFIG_KASAN=y - CONFIG_KASAN_GENERIC=y - CONFIG_KASAN_INLINE=y - CONFIG_KASAN_VMALLOC=y - CONF

CVE-2024-50124Nov 5, 2024
affected < 7-1.2fixed 7-1.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.
CVE-2024-50115Nov 5, 2024
affected < 5-1.2fixed 5-1.2
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
CVE-2024-49974Oct 21, 2024
affected < 14-1.2fixed 14-1.2
In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit
CVE-2024-49867Oct 21, 2024
affected < 11-1.2fixed 11-1.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the k
CVE-2024-49855Oct 21, 2024
affected < 6-1.2fixed 6-1.2
In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free
CVE-2024-47706MedOct 21, 2024
affected < 11-1.2fixed 11-1.2
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ | Λ | Λ | |
CVE-2024-47684MedOct 21, 2024
affected < 3-1.2fixed 3-1.2
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r
CVE-2024-47674Oct 15, 2024
affected < 11-1.2fixed 11-1.2
In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann points out, PFN mappings are special, because unlike normal memory mappings, there is no lifetime information associated with the mapping - it
CVE-2024-46822Sep 27, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted th
CVE-2024-46786HigSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF The fscache_cookie_lru_timer is initialized when the fscache module is inserted, but is not deleted when the fscache module is removed. I
CVE-2024-46783MedSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will result in sending a sk_msg larger than the current message size. In this case, in
CVE-2024-46759HigSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user.
CVE-2024-46750MedSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is this sequence: WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pci_bridge_seco
CVE-2024-46746HigSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid device HID driver callbacks aren't called anymore once hid_destroy_device() has been called. Hence, hid driver_data should be freed only after the hid_destroy
CVE-2024-46745MedSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failur
CVE-2024-46744HigSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read
CVE-2024-46743HigSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of_irq_parse_raw() is invoked with a device address smaller than the interrupt parent node (from #address-cells property), KASAN dete
CVE-2024-46725HigSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning Check the ring type value to fix the out-of-bounds write warning
CVE-2024-46715MedSep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysf
CVE-2024-46798Sep 18, 2024
affected < 1-1.2fixed 1-1.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object When using kernel with the following extra config, - CONFIG_KASAN=y - CONFIG_KASAN_GENERIC=y - CONFIG_KASAN_INLINE=y - CONFIG_KASAN_VMALLOC=y - CONF

Page 5 of 13