rpm package

suse/kernel-livepatch-SLE15-SP3_Update_54&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_54&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (42)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2022-49053		—		< 7-150300.2.1	7-150300.2.1	Feb 26, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th
CVE-2025-21702	Hig	7.8		< 5-150300.2.1	5-150300.2.1	Feb 18, 2025	In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
CVE-2025-21692	Hig	7.8		< 9-150300.2.1	9-150300.2.1	Feb 10, 2025	In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
CVE-2023-52923		—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 20, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle
CVE-2024-57893		—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 15, 2025	In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
CVE-2024-57849		—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 11, 2025	In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP
CVE-2024-57798		—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 11, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot
CVE-2024-57791		—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 11, 2025	In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no
CVE-2024-56759		—		< 1-150300.7.3.1	1-150300.7.3.1	Jan 6, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
CVE-2024-56664		—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
CVE-2024-56658		—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->x
CVE-2024-56650		—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta
CVE-2024-56623		—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On settin
CVE-2024-56601		—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o
CVE-2024-56600		—		< 1-150300.7.3.1	1-150300.7.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the
CVE-2024-56558		—		< 4-150300.2.1	4-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
CVE-2024-53168		—		< 9-150300.2.1	9-150300.2.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
CVE-2024-53104		—	KEV	< 1-150300.7.3.1	1-150300.7.3.1	Dec 2, 2024	In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra
CVE-2024-50199		—		< 1-150300.7.3.1	1-150300.7.3.1	Nov 8, 2024	In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and
CVE-2024-36978	Hig	7.8		< 6-150300.2.1	6-150300.2.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw

CVE-2022-49053Feb 26, 2025
affected < 7-150300.2.1fixed 7-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th
CVE-2025-21702HigFeb 18, 2025
affected < 5-150300.2.1fixed 5-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
CVE-2025-21692HigFeb 10, 2025
affected < 9-150300.2.1fixed 9-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
CVE-2023-52923Jan 20, 2025
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle
CVE-2024-57893Jan 15, 2025
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
CVE-2024-57849Jan 11, 2025
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP
CVE-2024-57798Jan 11, 2025
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot
CVE-2024-57791Jan 11, 2025
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no
CVE-2024-56759Jan 6, 2025
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
CVE-2024-56664Dec 27, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
CVE-2024-56658Dec 27, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst_ops_template into net->x
CVE-2024-56650Dec 27, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by ta
CVE-2024-56623Dec 27, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On settin
CVE-2024-56601Dec 27, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o
CVE-2024-56600Dec 27, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the
CVE-2024-56558Dec 27, 2024
affected < 4-150300.2.1fixed 4-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
CVE-2024-53168Dec 27, 2024
affected < 9-150300.2.1fixed 9-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
CVE-2024-53104KEVDec 2, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra
CVE-2024-50199Nov 8, 2024
affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and
CVE-2024-36978HigJun 19, 2024
affected < 6-150300.2.1fixed 6-150300.2.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw

Page 2 of 3