VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_25&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_25&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (120)

  • CVE-2021-47096Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation.

  • CVE-2021-47095Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: initialize ssif_info->client early During probe ssif_info->client is dereferenced in error path. However, it is set when some of the error checking has already been done. This causes following kerne

  • CVE-2021-47094Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmu_lock in the TDP MMU, restart the iterator during tdp_iter_next() and do not advance the iterator. Advancing the iterator re

  • CVE-2021-47093Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel_pmc_core: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platform_device_put() to p

  • CVE-2021-47091Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: mac80211: fix locking in ieee80211_start_ap error path We need to hold the local->mtx to release the channel context, as even encoded by the lockdep_assert_held() there. Fix it.

  • CVE-2021-47087Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this p

  • CVE-2021-47082Mar 4, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tun_free_netdev Avoid double free in tun_free_netdev() by moving the dev->tstats and tun->security allocs to a new ndo_init routine (tun_net_init()) that will be called by register_net

  • CVE-2023-52582Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: netfs: Only call folio_start_fscache() one time for each folio If a network filesystem using netfs implements a clamp_length() function, it can set subrequest lengths smaller than a page size. When we loop thr

  • CVE-2023-52576Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() The code calling ima_free_kexec_buffer() runs long after the memblock allocator has already been torn down, potentially resulting in a u

  • CVE-2023-52574Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer [1]. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlan_dev_hard_he

  • CVE-2023-52569Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG() after failure to insert delayed dir index item Instead of calling BUG() when we fail to insert a delayed dir index item into the delayed node's tree, we can just release all the resources we

  • CVE-2023-52567Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250_port: Check IRQ data before use In case the leaf driver wants to use IRQ polling (irq = 0) and IIR register shows that an interrupt happened in the 8250 hardware the IRQ data can be NULL. In such a

  • CVE-2023-52566Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails.

  • CVE-2023-52564Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" This reverts commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The commit above is reverted as it did not solve the original issue. gsm_cleanup_mux() tries to fr

  • CVE-2023-52532Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably from a newer hardware), still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors

  • CVE-2023-52529Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential memory leak in sony_probe() If an error occurs after a successful usb_alloc_urb() call, usb_free_urb() should be called.

  • CVE-2023-52528Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg syzbot reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in sms

  • CVE-2023-52525Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet Only skip the code path trying to access the rfc1042 headers when the buffer is too small, so the driver can still process packets without rfc

  • CVE-2023-52524Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered.

  • CVE-2023-52523Mar 2, 2024
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets With a SOCKMAP/SOCKHASH map and an sk_msg program user can steer messages sent from one TCP socket (s1) to actually egress from another TCP socket

Page 4 of 6