VYPR

rpm package

suse/kernel-livepatch-MICRO-6-0_Update_4&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_4&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (576)

  • CVE-2024-35888MedMay 19, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer make sure erspan_base_hdr is present in skb

  • CVE-2024-27407May 17, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr()

  • CVE-2024-27043May 1, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio

  • CVE-2024-27026May 1, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom WARNING:

  • CVE-2024-27017May 1, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view

  • CVE-2024-26953May 1, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool When the skb is reorganized during esp_output (!esp->inline), the pages coming from the original skb fragments are supposed to be released back to the system t

  • CVE-2024-26943May 1, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: handle kcalloc() allocation failure The kcalloc() in nouveau_dmem_evict_chunk() will return null if the physical memory has run out. As a result, if we dereference src_pfns, dst_pfns or dma_addrs,

  • CVE-2024-26864Apr 17, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in __inet_hash_connect(). syzbot reported a warning in sk_nulls_del_node_init_rcu(). The commit 66b60b0c8c4a ("dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalbli

  • CVE-2024-26782Apr 4, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin

  • CVE-2024-26767Apr 3, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check

  • CVE-2024-26761Apr 3, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist

  • CVE-2024-26758Apr 3, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't

  • CVE-2024-26741Apr 3, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->ics

  • CVE-2024-26703Apr 3, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimer_init to timerlat_fd open() Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the use

  • CVE-2024-26596MedFeb 23, 2024
    affected < 1-1.2fixed 1-1.2

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy

  • CVE-2023-6270Jan 4, 2024
    affected < 1-1.2fixed 1-1.2

    A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob

Page 29 of 29