rpm package
suse/kernel-livepatch-SLE15-SP2_Update_47&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_47&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (135)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-46961 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Do not enable irqs when handling spurious interrups We triggered the following error while running our 4.19 kernel with the pseudo-NMI patches backported to it: [ 14.816231] ------------[ cut | ||
| CVE-2021-46960 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947] | ||
| CVE-2021-46958 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which le | ||
| CVE-2021-46955 | — | < 3-150200.5.6.2 | 3-150200.5.6.2 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN | ||
| CVE-2021-46951 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tp | ||
| CVE-2021-46950 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being | ||
| CVE-2021-46944 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix memory leak in imu_fmt We are losing the reference to an allocated memory if try. Change the order of the check to avoid that. | ||
| CVE-2021-46943 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix set_fmt error handling If there in an error during a set_fmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating | ||
| CVE-2021-46939 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back | ||
| CVE-2021-46938 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails When loading a device-mapper table for a request-based mapped device, and the allocation/initialization of the blk_mq_tag_set for th | ||
| CVE-2021-46930 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34 | ||
| CVE-2021-46921 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. The writer side loops checking the va | ||
| CVE-2021-46909 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probe | ||
| CVE-2023-52474 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe | ||
| CVE-2022-48626 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and | ||
| CVE-2023-52470 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref. | ||
| CVE-2023-52469 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t | ||
| CVE-2024-26600 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et | ||
| CVE-2023-52454 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel | ||
| CVE-2023-6536 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Feb 7, 2024 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial |
- CVE-2021-46961Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Do not enable irqs when handling spurious interrups We triggered the following error while running our 4.19 kernel with the pseudo-NMI patches backported to it: [ 14.816231] ------------[ cut
- CVE-2021-46960Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947]
- CVE-2021-46958Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which le
- CVE-2021-46955Feb 27, 2024affected < 3-150200.5.6.2fixed 3-150200.5.6.2
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN
- CVE-2021-46951Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tp
- CVE-2021-46950Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being
- CVE-2021-46944Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix memory leak in imu_fmt We are losing the reference to an allocated memory if try. Change the order of the check to avoid that.
- CVE-2021-46943Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix set_fmt error handling If there in an error during a set_fmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating
- CVE-2021-46939Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back
- CVE-2021-46938Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails When loading a device-mapper table for a request-based mapped device, and the allocation/initialization of the blk_mq_tag_set for th
- CVE-2021-46930Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34
- CVE-2021-46921Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. The writer side loops checking the va
- CVE-2021-46909Feb 27, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probe
- CVE-2023-52474Feb 26, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe
- CVE-2022-48626Feb 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and
- CVE-2023-52470Feb 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.
- CVE-2023-52469Feb 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t
- CVE-2024-26600Feb 24, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et
- CVE-2023-52454Feb 23, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel
- CVE-2023-6536Feb 7, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial
Page 6 of 7