VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4-RT_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (49)

  • CVE-2023-52340HigJul 5, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

  • CVE-2023-28746MedMar 14, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2021-47083HigMar 4, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix global-out-of-bounds issue When eint virtual eint number is greater than gpio number, it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.

  • CVE-2024-26622HigMar 4, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot

  • CVE-2023-52559MedMar 2, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommu_suspend() The iommu_suspend() syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFP_KERNEL flag may re-enable IRQs during the suspend

  • CVE-2023-52531HigMar 2, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc()'ed for: sizeof(struct iwl_nvm_data) + sizeof(struct ieee80211_channel) + sizeof(struct ieee80211_rate) 'mvm->nvm_data'

  • CVE-2023-52530HigMar 2, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will

  • CVE-2022-48627MedMar 2, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m

  • CVE-2024-26607MedFeb 29, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: [ 53.271356] sii902x_get_edid+0x34/0x70 [sii902x] [ 53.276066]

  • CVE-2023-52484MedFeb 29, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------

  • CVE-2023-52482HigFeb 29, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which exists on Hygon processors too.

  • CVE-2023-52478MedFeb 29, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidpp_connect_event() has *four* time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs fro

  • CVE-2023-52475HigFeb 29, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free f

  • CVE-2021-46934LowFeb 27, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i

  • CVE-2021-46932MedFeb 27, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may hap

  • CVE-2021-46924MedFeb 27, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre

  • CVE-2021-46923MedFeb 27, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took

  • CVE-2019-25162HigFeb 26, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde

  • CVE-2024-26603MedFeb 26, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user

  • CVE-2024-26602MedFeb 26, 2024
    affected < 1-150400.1.3.1fixed 1-150400.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize

Page 1 of 3