rpm package
suse/kernel-livepatch-SLE15-SP3_Update_52&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_52&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (36)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-56558 | — | < 7-150300.2.1 | 7-150300.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to | ||
| CVE-2024-56548 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like | ||
| CVE-2024-56539 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa | ||
| CVE-2024-53239 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as | ||
| CVE-2024-53214 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great | ||
| CVE-2024-53179 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas | ||
| CVE-2024-53173 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs | ||
| CVE-2024-53168 | — | < 12-150300.2.1 | 12-150300.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID | ||
| CVE-2024-53156 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255 | ||
| CVE-2024-53146 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that | ||
| CVE-2024-53240 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t | ||
| CVE-2024-53144 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ | ||
| CVE-2024-53142 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG | ||
| CVE-2024-8805 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Nov 22, 2024 | BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific | ||
| CVE-2024-36978 | Hig | 7.8 | < 9-150300.2.1 | 9-150300.2.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw | |
| CVE-2023-52524 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered. |
- CVE-2024-56558Dec 27, 2024affected < 7-150300.2.1fixed 7-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
- CVE-2024-56548Dec 27, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like
- CVE-2024-56539Dec 27, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa
- CVE-2024-53239Dec 27, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as
- CVE-2024-53214Dec 27, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great
- CVE-2024-53179Dec 27, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas
- CVE-2024-53173Dec 27, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs
- CVE-2024-53168Dec 27, 2024affected < 12-150300.2.1fixed 12-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
- CVE-2024-53156Dec 24, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255
- CVE-2024-53146Dec 24, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that
- CVE-2024-53240Dec 24, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t
- CVE-2024-53144Dec 17, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ
- CVE-2024-53142Dec 6, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG
- CVE-2024-8805Nov 22, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific
- affected < 9-150300.2.1fixed 9-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw
- CVE-2023-52524Mar 2, 2024affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered.
Page 2 of 2