VYPR

rpm package

suse/kernel-livepatch-SLE15-SP2_Update_53&distro=SUSE Linux Enterprise Live Patching 15 SP2

pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_53&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Vulnerabilities (10)

  • CVE-2022-48945Sep 23, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not

  • CVE-2024-46774Sep 18, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and '

  • CVE-2024-46695Sep 13, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exporte

  • CVE-2024-45021Sep 11, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: memcg_write_event_control(): fix a user-triggerable oops we are *not* guaranteed that anything past the terminating NUL is mapped (let alone initialized with anything sane).

  • CVE-2024-45003Sep 4, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under the inode lru traversing context The inode reclaiming process(See function prune_icache_sb) collects all reclaimable inodes and mark them with I_FREEING flag at first, at that time,

  • CVE-2024-44946Aug 31, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). [0] The scenario is 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb. 2. Thread A resumes building s

  • CVE-2022-48911Aug 22, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet

  • CVE-2024-41087Jul 29, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri

  • CVE-2024-36971KEVJun 10, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca

  • CVE-2021-47069Mar 1, 2024
    affected < 1-150200.5.3.1fixed 1-150200.5.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local address. The sender (do_mq_timedsend) uses this address to later call pipelined_sen