VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_27&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (362)

  • CVE-2022-48703MedMay 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10). T

  • CVE-2022-48702May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a

  • CVE-2022-48701May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun

  • CVE-2022-48699May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in update_sched_domain_debugfs Kuyo reports that the pattern of using debugfs_remove(debugfs_lookup()) leaks a dentry and with a hotplug stress test, the machine eventually runs out

  • CVE-2022-48697May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607

  • CVE-2022-48694May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix

  • CVE-2022-48693May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks (2) we need to add

  • CVE-2022-48692May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereferenc

  • CVE-2022-48688May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b

  • CVE-2022-48687May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through

  • CVE-2022-48686May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sy

  • CVE-2022-48675May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by using mmput_async(). From the below call trace [1] can see that calling mmput() once we have the umem_odp->umem

  • CVE-2022-48673May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed with WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not wait for

  • CVE-2022-48672May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which m

  • CVE-2022-48671May 3, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgro

  • CVE-2024-26930May 1, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function

  • CVE-2022-48662Apr 28, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires tha

  • CVE-2022-48652Apr 28, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Prohibit improper channel config for DCB")

  • CVE-2022-48636Apr 28, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The pavgroup pointer is checked on the entranc

  • CVE-2022-48634Apr 28, 2024
    affected < 1-150400.9.3.2fixed 1-150400.9.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reaso