rpm package
suse/kernel-livepatch-SLE15-SP2_Update_43&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_43&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-43861 | — | < 14-150200.2.1 | 14-150200.2.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | ||
| CVE-2024-36904 | Hig | 7.8 | < 14-150200.2.1 | 14-150200.2.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat | |
| CVE-2021-47383 | — | < 9-150200.2.1 | 9-150200.2.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bi | ||
| CVE-2024-35950 | Med | 5.5 | < 10-150200.2.1 | 10-150200.2.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo | |
| CVE-2024-27398 | — | < 10-150200.2.1 | 10-150200.2.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection | ||
| CVE-2022-48651 | — | < 7-150200.2.1 | 7-150200.2.1 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit() | ||
| CVE-2024-26923 | Med | 4.7 | < 9-150200.2.1 | 9-150200.2.1 | Apr 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM | |
| CVE-2024-26852 | Hig | 7.8 | < 8-150200.2.2 | 8-150200.2.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit f7225172f25a ("net/ipv6: prevent use after free in ip6_route_mpath_notify") w | |
| CVE-2024-26828 | — | < 9-150200.2.1 | 9-150200.2.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b | ||
| CVE-2023-52502 | — | < 7-150200.2.1 | 7-150200.2.1 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s | ||
| CVE-2023-51779 | Hig | 7.0 | < 4-150200.2.3 | 4-150200.2.3 | Feb 29, 2024 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | |
| CVE-2021-46955 | — | < 8-150200.2.2 | 8-150200.2.2 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN | ||
| CVE-2024-26585 | — | < 7-150200.2.1 | 7-150200.2.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling | ||
| CVE-2024-1086 | — | KEV | < 6-150200.2.1 | 6-150200.2.1 | Jan 31, 2024 | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau | |
| CVE-2024-23307 | Med | 4.4 | < 9-150200.2.1 | 9-150200.2.1 | Jan 25, 2024 | Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. | |
| CVE-2023-39197 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Jan 23, 2024 | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | ||
| CVE-2024-0775 | — | < 6-150200.2.1 | 6-150200.2.1 | Jan 22, 2024 | A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. | ||
| CVE-2023-6531 | — | < 4-150200.2.3 | 4-150200.2.3 | Jan 21, 2024 | A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. | ||
| CVE-2023-51780 | — | < 3-150200.2.1 | 3-150200.2.1 | Dec 25, 2023 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | ||
| CVE-2023-6546 | — | < 7-150200.2.1 | 7-150200.2.1 | Dec 21, 2023 | A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci |
- CVE-2024-43861Aug 20, 2024affected < 14-150200.2.1fixed 14-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- affected < 14-150200.2.1fixed 14-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat
- CVE-2021-47383May 21, 2024affected < 9-150200.2.1fixed 9-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bi
- affected < 10-150200.2.1fixed 10-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo
- CVE-2024-27398May 13, 2024affected < 10-150200.2.1fixed 10-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection
- CVE-2022-48651Apr 28, 2024affected < 7-150200.2.1fixed 7-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit()
- affected < 9-150200.2.1fixed 9-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM
- affected < 8-150200.2.2fixed 8-150200.2.2
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit f7225172f25a ("net/ipv6: prevent use after free in ip6_route_mpath_notify") w
- CVE-2024-26828Apr 17, 2024affected < 9-150200.2.1fixed 9-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b
- CVE-2023-52502Mar 2, 2024affected < 7-150200.2.1fixed 7-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s
- affected < 4-150200.2.3fixed 4-150200.2.3
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
- CVE-2021-46955Feb 27, 2024affected < 8-150200.2.2fixed 8-150200.2.2
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN
- CVE-2024-26585Feb 21, 2024affected < 7-150200.2.1fixed 7-150200.2.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling
- affected < 6-150200.2.1fixed 6-150200.2.1
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cau
- affected < 9-150200.2.1fixed 9-150200.2.1
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
- CVE-2023-39197Jan 23, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
- CVE-2024-0775Jan 22, 2024affected < 6-150200.2.1fixed 6-150200.2.1
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
- CVE-2023-6531Jan 21, 2024affected < 4-150200.2.3fixed 4-150200.2.3
A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
- CVE-2023-51780Dec 25, 2023affected < 3-150200.2.1fixed 3-150200.2.1
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
- CVE-2023-6546Dec 21, 2023affected < 7-150200.2.1fixed 7-150200.2.1
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci
Page 1 of 2