rpm package

suse/kernel-livepatch-SLE15-SP3_Update_48&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (108)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2025-21692	Hig	7.8		< 18-150300.2.1	18-150300.2.1	Feb 10, 2025	In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
CVE-2024-57893		—		< 13-150300.2.1	13-150300.2.1	Jan 15, 2025	In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
CVE-2024-56664		—		< 14-150300.2.1	14-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
CVE-2024-56650		—		< 9-150300.2.1	9-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta
CVE-2024-56600		—		< 8-150300.2.1	8-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the
CVE-2024-56558		—		< 13-150300.2.1	13-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
CVE-2024-53214		—		< 13-150300.2.1	13-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great
CVE-2024-53173		—		< 13-150300.2.1	13-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs
CVE-2024-53168		—		< 18-150300.2.1	18-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
CVE-2024-53156		—		< 10-150300.2.2	10-150300.2.2	Dec 24, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255
CVE-2024-53146		—		< 13-150300.2.1	13-150300.2.1	Dec 24, 2024	In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that
CVE-2024-53104		—	KEV	< 5-150300.2.1	5-150300.2.1	Dec 2, 2024	In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra
CVE-2024-50302	Med	5.5	KEV	< 6-150300.2.1	6-150300.2.1	Nov 19, 2024	In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k
CVE-2024-50264		—		< 2-150300.7.6.1	2-150300.7.6.1	Nov 19, 2024	In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. T
CVE-2024-50205	Med	5.5		< 9-150300.2.1	9-150300.2.1	Nov 8, 2024	In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check be
CVE-2024-50208		—		< 13-150300.2.1	13-150300.2.1	Nov 8, 2024	In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (co
CVE-2024-50154		—		< 18-150300.2.1	18-150300.2.1	Nov 7, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc
CVE-2024-50115		—		< 10-150300.2.2	10-150300.2.2	Nov 5, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
CVE-2022-49025		—		< 7-150300.2.1	7-150300.2.1	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the
CVE-2022-49014		—		< 8-150300.2.1	8-150300.2.1	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like below: ================================================================== BUG: KASA

CVE-2025-21692HigFeb 10, 2025
affected < 18-150300.2.1fixed 18-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
CVE-2024-57893Jan 15, 2025
affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
CVE-2024-56664Dec 27, 2024
affected < 14-150300.2.1fixed 14-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
CVE-2024-56650Dec 27, 2024
affected < 9-150300.2.1fixed 9-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta
CVE-2024-56600Dec 27, 2024
affected < 8-150300.2.1fixed 8-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the
CVE-2024-56558Dec 27, 2024
affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
CVE-2024-53214Dec 27, 2024
affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great
CVE-2024-53173Dec 27, 2024
affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs
CVE-2024-53168Dec 27, 2024
affected < 18-150300.2.1fixed 18-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
CVE-2024-53156Dec 24, 2024
affected < 10-150300.2.2fixed 10-150300.2.2
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255
CVE-2024-53146Dec 24, 2024
affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that
CVE-2024-53104KEVDec 2, 2024
affected < 5-150300.2.1fixed 5-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra
CVE-2024-50302MedKEVNov 19, 2024
affected < 6-150300.2.1fixed 6-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k
CVE-2024-50264Nov 19, 2024
affected < 2-150300.7.6.1fixed 2-150300.7.6.1
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. T
CVE-2024-50205MedNov 8, 2024
affected < 9-150300.2.1fixed 9-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check be
CVE-2024-50208Nov 8, 2024
affected < 13-150300.2.1fixed 13-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (co
CVE-2024-50154Nov 7, 2024
affected < 18-150300.2.1fixed 18-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc
CVE-2024-50115Nov 5, 2024
affected < 10-150300.2.2fixed 10-150300.2.2
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
CVE-2022-49025Oct 21, 2024
affected < 7-150300.2.1fixed 7-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second one or afterwards fails the driver reverts usage of term tables but doesn't reset the
CVE-2022-49014Oct 21, 2024
affected < 8-150300.2.1fixed 8-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like below: ================================================================== BUG: KASA

Page 2 of 6