rpm package
suse/kernel-livepatch-SLE15-SP4_Update_27&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (362)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36964 | — | < 4-150400.9.6.1 | 4-150400.9.6.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s | ||
| CVE-2024-36904 | Hig | 7.8 | < 6-150400.9.6.1 | 6-150400.9.6.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat | |
| CVE-2024-36899 | Hig | 7.0 | < 4-150400.9.6.1 | 4-150400.9.6.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed | |
| CVE-2024-36926 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI | ||
| CVE-2023-52880 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM | ||
| CVE-2021-47565 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object | ||
| CVE-2021-47564 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] | ||
| CVE-2021-47563 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndo_bpf op and VSI rebuild flow. The latter takes place for example when user changes queue | ||
| CVE-2021-47562 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->tx | ||
| CVE-2021-47560 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not | ||
| CVE-2021-47559 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next returns NULL (checked 29 o | ||
| CVE-2021-47558 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a k | ||
| CVE-2021-47556 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce() ethtool_set_coalesce() now uses both the .get_coalesce() and .set_coalesce() callbacks. But the check for their availability is buggy, so chang | ||
| CVE-2021-47554 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, this could happen when an error occurs before initializing the iova_domain in vdpasim_create(). | ||
| CVE-2021-47553 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left ar | ||
| CVE-2021-47551 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch already been called, the start_cpsch will not | ||
| CVE-2021-47550 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix potential memleak In function amdgpu_get_xgmi_hive, when kobject_init_and_add failed There is a potential memleak if not call kobject_put. | ||
| CVE-2021-47549 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl When the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Linux, a bug is reported: ========================================================= | ||
| CVE-2021-47544 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root ca | ||
| CVE-2021-47542 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() In qlcnic_83xx_add_rings(), the indirect function of ahw->hw_ops->alloc_mbx_args will be called to allocate memory for cmd.req.arg, |
- CVE-2024-36964Jun 3, 2024affected < 4-150400.9.6.1fixed 4-150400.9.6.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s
- affected < 6-150400.9.6.1fixed 6-150400.9.6.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat
- affected < 4-150400.9.6.1fixed 4-150400.9.6.1
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed
- CVE-2024-36926May 30, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI
- CVE-2023-52880May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM
- CVE-2021-47565May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object
- CVE-2021-47564May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1]
- CVE-2021-47563May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndo_bpf op and VSI rebuild flow. The latter takes place for example when user changes queue
- CVE-2021-47562May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->tx
- CVE-2021-47560May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not
- CVE-2021-47559May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next returns NULL (checked 29 o
- CVE-2021-47558May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a k
- CVE-2021-47556May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce() ethtool_set_coalesce() now uses both the .get_coalesce() and .set_coalesce() callbacks. But the check for their availability is buggy, so chang
- CVE-2021-47554May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, this could happen when an error occurs before initializing the iova_domain in vdpasim_create().
- CVE-2021-47553May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left ar
- CVE-2021-47551May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch already been called, the start_cpsch will not
- CVE-2021-47550May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix potential memleak In function amdgpu_get_xgmi_hive, when kobject_init_and_add failed There is a potential memleak if not call kobject_put.
- CVE-2021-47549May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl When the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Linux, a bug is reported: =========================================================
- CVE-2021-47544May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root ca
- CVE-2021-47542May 24, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() In qlcnic_83xx_add_rings(), the indirect function of ahw->hw_ops->alloc_mbx_args will be called to allocate memory for cmd.req.arg,
Page 3 of 19