rpm package
suse/kernel-livepatch-SLE15-SP2_Update_50&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_50&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (42)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52707 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu | ||
| CVE-2021-47379 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: [693354.104835] ================================================================ | ||
| CVE-2021-47372 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is released by platform_device_unregister(), use of pclk and hclk is a use-after-free. Since device unregister won't need a clk device we adju | ||
| CVE-2021-47368 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit() stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from irq_affinity_hint_p | ||
| CVE-2021-47328 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still acce | ||
| CVE-2021-47311 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of | ||
| CVE-2021-47291 | — | < 2-150200.5.6.1 | 2-150200.5.6.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79 | ||
| CVE-2021-47247 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5e_rep_neigh_update() wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent e | ||
| CVE-2024-35950 | Med | 5.5 | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo | |
| CVE-2024-35878 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr | ||
| CVE-2024-35864 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35862 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35861 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35789 | Hig | 7.8 | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c | |
| CVE-2024-26923 | Med | 4.7 | < 1-150200.5.3.1 | 1-150200.5.3.1 | Apr 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM | |
| CVE-2024-26921 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Apr 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call retu | ||
| CVE-2022-22942 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Dec 13, 2023 | The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer. | ||
| CVE-2023-24023 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Nov 28, 2023 | Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF | ||
| CVE-2022-2938 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Aug 23, 2022 | A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. | ||
| CVE-2022-0435 | Hig | 8.8 | < 1-150200.5.3.1 | 1-150200.5.3.1 | Mar 25, 2022 | A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate |
- CVE-2023-52707May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu
- CVE-2021-47379May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: [693354.104835] ================================================================
- CVE-2021-47372May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is released by platform_device_unregister(), use of pclk and hclk is a use-after-free. Since device unregister won't need a clk device we adju
- CVE-2021-47368May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit() stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from irq_affinity_hint_p
- CVE-2021-47328May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still acce
- CVE-2021-47311May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of
- CVE-2021-47291May 21, 2024affected < 2-150200.5.6.1fixed 2-150200.5.6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79
- CVE-2021-47247May 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5e_rep_neigh_update() wasn't updated to accommodate rtnl lock removal from TC filter update path and properly handle concurrent e
- affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo
- CVE-2024-35878May 19, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr
- CVE-2024-35864May 19, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35862May 19, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35861May 19, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c
- affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM
- CVE-2024-26921Apr 18, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call retu
- CVE-2022-22942Dec 13, 2023affected < 1-150200.5.3.1fixed 1-150200.5.3.1
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
- CVE-2023-24023Nov 28, 2023affected < 1-150200.5.3.1fixed 1-150200.5.3.1
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUF
- CVE-2022-2938Aug 23, 2022affected < 1-150200.5.3.1fixed 1-150200.5.3.1
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
- affected < 1-150200.5.3.1fixed 1-150200.5.3.1
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate
Page 2 of 3