VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_45&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_45&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (227)

  • CVE-2022-48673May 3, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed with WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not wait for

  • CVE-2024-26930May 1, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function

  • CVE-2022-48636Apr 28, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The pavgroup pointer is checked on the entranc

  • CVE-2024-26925MedApr 25, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC

  • CVE-2024-26923MedApr 25, 2024
    affected < 2-150300.7.6.1fixed 2-150300.7.6.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM

  • CVE-2024-26921Apr 18, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call retu

  • CVE-2024-26828Apr 17, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b

  • CVE-2021-47200Apr 10, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap drm_gem_ttm_mmap() drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drm_gem_prime_mmap(), that drop will

  • CVE-2021-47192Apr 10, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with: commit f0f82e2476f6 ("scsi: core: Fix capacity set to zero after offlinining device") The problem is that aft

  • CVE-2024-26643MedMar 21, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it

  • CVE-2023-52591Mar 6, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if

  • CVE-2021-47104Mar 4, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() The wrong goto label was used for the error case and missed cleanup of the pkt allocation. Addresses-Coverity-ID: 1493352 ("Resource leak")

  • CVE-2023-52581Mar 2, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before

  • CVE-2024-26581Feb 20, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not

  • CVE-2023-52433Feb 20, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig

  • CVE-2023-6531Jan 21, 2024
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.

  • CVE-2023-47233MedNov 3, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is r

  • CVE-2023-4244Sep 6, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to under

  • CVE-2023-0160Jul 18, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.

  • CVE-2023-2176Apr 20, 2023
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.

Page 11 of 12