rpm package
suse/kernel-livepatch-SLE15-SP2_Update_51&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_51&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47219 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline] BUG: KASAN: slab | ||
| CVE-2021-47126 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: git://git.kernel.org/pub/scm | ||
| CVE-2024-26585 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling | ||
| CVE-2024-26584 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | ||
| CVE-2024-26583 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch | ||
| CVE-2021-0129 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | Jun 9, 2021 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2020-26558 | — | < 1-150200.5.3.1 | 1-150200.5.3.1 | May 24, 2021 | Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide |
- CVE-2021-47219Apr 10, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline] BUG: KASAN: slab
- CVE-2021-47126Mar 15, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: git://git.kernel.org/pub/scm
- CVE-2024-26585Feb 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling
- CVE-2024-26584Feb 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- CVE-2024-26583Feb 21, 2024affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch
- CVE-2021-0129Jun 9, 2021affected < 1-150200.5.3.1fixed 1-150200.5.3.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
- CVE-2020-26558May 24, 2021affected < 1-150200.5.3.1fixed 1-150200.5.3.1
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide
Page 2 of 2