VYPR

rpm package

suse/kernel-livepatch-SLE15-SP2_Update_49&distro=SUSE Linux Enterprise Live Patching 15 SP2

pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_49&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Vulnerabilities (140)

  • CVE-2021-47302May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igc_poll() runs while the contro

  • CVE-2021-47301May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igb_poll() runs while the contro

  • CVE-2021-47296May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues.

  • CVE-2021-47291May 21, 2024
    affected < 3-150200.5.6.1fixed 3-150200.5.6.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79

  • CVE-2021-47289May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer that was possibly NULL. That fails misera

  • CVE-2021-47288May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() Fix an 11-year old bug in ngene_command_config_free_buf() while addressing the following warnings caught with -Warray-bounds: arch/alpha/i

  • CVE-2021-47284May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initialized and is bigger than zero. A subsequent call to 'nj_release' will free the irq t

  • CVE-2021-47280May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drm_getunique() There is a time-of-check-to-time-of-use error in drm_getunique() due to retrieving file_priv->master prior to locking the device's master mutex. An example can b

  • CVE-2021-47276May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) return

  • CVE-2021-47275May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cached

  • CVE-2021-47274May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption We've suffered from severe kernel crashes due to memory corruption on our production environment, like, Call Trace: [1640542.554277] general pro

  • CVE-2021-47270May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadgets null ptr deref on 10gbps cabling. This avoids a null pointer dereference in f_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm} by simply reusing the 5gbps config for 10

  • CVE-2021-47269May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3_wIndex_to_dep() and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configuratio

  • CVE-2021-47267May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-

  • CVE-2021-47261May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function init_cq_frag_buf() can be called to initialize the current CQ fragments buffer cq->buf, or the temporary cq->resize_buf that is filled during CQ resize

  • CVE-2021-47260May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential NULL dereference in nfs_get_client() None of the callers are expecting NULL returns from nfs_get_client() so this code will lead to an Oops. It's better to return an error pointer. I expe

  • CVE-2021-47259May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4_init_client() KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to hit this

  • CVE-2021-47255May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such

  • CVE-2021-47254May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in gfs2_glock_shrink_scan The GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() to remove the glock from the lru list in __gfs2_glock_put(). On the shrink scan pat

  • CVE-2021-47252May 21, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid WARN_ON timing related checks The soft/batadv interface for a queued OGM can be changed during the time the OGM was queued for transmission and when the OGM is actually transmitted by the work

Page 5 of 7