rpm package

suse/kernel-livepatch-SLE15-SP2_Update_51&distro=SUSE Linux Enterprise Live Patching 15 SP2

pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_51&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Vulnerabilities (27)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-43861		—	< 2-150200.5.6.1	2-150200.5.6.1	Aug 20, 2024	In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
CVE-2024-42145		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 30, 2024	In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra
CVE-2024-41069		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: ASoC: topology: Fix references to freed memory Most users after parsing a topology file, release memory used by it, so having pointer references directly into topology file contents is wrong. Use devm_kmemdup()
CVE-2024-41059		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x
CVE-2024-41090		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Ev
CVE-2024-41011		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 18, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re
CVE-2022-48821		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 16, 2024	In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF ioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact, dma_buf_fd(
CVE-2022-48792		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 16, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_
CVE-2023-52885		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 14, 2024	In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis
CVE-2024-40937		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags
CVE-2024-39494		—	< 1-150200.5.3.1	1-150200.5.3.1	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren
CVE-2021-47600		—	< 1-150200.5.3.1	1-150200.5.3.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec().
CVE-2021-47598		—	< 1-150200.5.3.1	1-150200.5.3.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D
CVE-2021-47580		—	< 1-150200.5.3.1	1-150200.5.3.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va
CVE-2024-38559	Med	4.4	< 1-150200.5.3.1	1-150200.5.3.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t
CVE-2024-36974	Hig	7.8	< 1-150200.5.3.1	1-150200.5.3.1	Jun 18, 2024	In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k
CVE-2021-47520		—	< 1-150200.5.3.1	1-150200.5.3.1	May 24, 2024	In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n
CVE-2021-47506		—	< 1-150200.5.3.1	1-150200.5.3.1	May 24, 2024	In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the
CVE-2021-47291		—	< 1-150200.5.3.1	1-150200.5.3.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79
CVE-2023-52686		—	< 1-150200.5.3.1	1-150200.5.3.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

CVE-2024-43861Aug 20, 2024
affected < 2-150200.5.6.1fixed 2-150200.5.6.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
CVE-2024-42145Jul 30, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra
CVE-2024-41069Jul 29, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: topology: Fix references to freed memory Most users after parsing a topology file, release memory used by it, so having pointer references directly into topology file contents is wrong. Use devm_kmemdup()
CVE-2024-41059Jul 29, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x
CVE-2024-41090Jul 29, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Ev
CVE-2024-41011Jul 18, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re
CVE-2022-48821Jul 16, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF ioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact, dma_buf_fd(
CVE-2022-48792Jul 16, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_
CVE-2023-52885Jul 14, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis
CVE-2024-40937Jul 12, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags
CVE-2024-39494Jul 12, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren
CVE-2021-47600Jun 19, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec().
CVE-2021-47598Jun 19, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D
CVE-2021-47580Jun 19, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va
CVE-2024-38559MedJun 19, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t
CVE-2024-36974HigJun 18, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k
CVE-2021-47520May 24, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n
CVE-2021-47506May 24, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the
CVE-2021-47291May 21, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79
CVE-2023-52686May 17, 2024
affected < 1-150200.5.3.1fixed 1-150200.5.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

Page 1 of 2