rpm package
suse/kernel-livepatch-SLE15-SP4_Update_31&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_31&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (119)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52911 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode (e.g. iMX platforms). Unable to handle kernel NULL point | ||
| CVE-2023-52907 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() Fix a use-after-free that occurs in hcd when in_urb sent from pn533_usb_send_frame() is completed earlier than out_urb. Its callback frees the | ||
| CVE-2023-52905 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix resource leakage in VF driver unbind resources allocated like mcam entries to support the Ntuple feature and hash tables for the tc feature are not getting freed in driver unbind. This patch f | ||
| CVE-2023-52901 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check endpoint is valid before dereferencing it When the host controller is not responding, all URBs queued to all endpoints need to be killed. This can cause a kernel panic if we dereference an inva | ||
| CVE-2023-52900 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix general protection fault in nilfs_btree_insert() If nilfs2 reads a corrupted disk image and tries to reads a b-tree node block by calling __nilfs_btree_get_block() against an invalid virtual block a | ||
| CVE-2023-52898 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhci_free_dev() and xhci_kill_endpoint_urbs() do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhci_free_dev | ||
| CVE-2023-52896 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota rescan and disable leading to NULL pointer deref If we have one task trying to start the quota rescan worker while another one is trying to disable quotas, we can end up hitting a | ||
| CVE-2023-52894 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unreproducible crash report from an aarch64 GKI 5.10.149-android13 running device. | ||
| CVE-2023-52893 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we must allow for that in gsmi. commit 859748255b43 ("efi: pstore: Omit efivars caching EFI varstore access | ||
| CVE-2022-48899 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix GEM handle creation UAF Userspace can guess the handle value and try to race GEM object creation with handle close, resulting in a use-after-free if we dereference the object after dropping the | ||
| CVE-2022-48898 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer There are 3 possible interrupt sources are handled by DP controller, HPDstatus, Controller state changes and Aux read/write transa | ||
| CVE-2022-48896 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix pci device refcount leak As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI device with refcount incremented, when finish using it, the caller must decrement the reference count b | ||
| CVE-2022-48891 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: regulator: da9211: Use irq handler when ready If the system does not come from reset (like when it is kexec()), the regulator might have an IRQ waiting for us. If we enable the IRQ handler before its structure | ||
| CVE-2022-48890 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(), which in a confidential VM allocates swiotlb bounce buffers. If the I/O | ||
| CVE-2022-48880 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In that case, the request should be freed via ssam_request_sync_free(). Currently it | ||
| CVE-2022-48878 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Fix driver shutdown on closed serdev The driver shutdown callback (which sends EDL_SOC_RESET to the device over serdev) should not be invoked when HCI device is not open (e.g. if hci_dev_ope | ||
| CVE-2022-48875 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test mul | ||
| CVE-2022-48873 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do | ||
| CVE-2022-48872 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling fastrpc_map_get() until map->fl->lock is taken in fastrpc_free_map(), another thread can call fastrpc_map_lookup( | ||
| CVE-2022-48871 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO (port->rx_fifo) based on default RX FIFO depth, e.g. 16. Later during serial startup the qcom |
- CVE-2023-52911Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode (e.g. iMX platforms). Unable to handle kernel NULL point
- CVE-2023-52907Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() Fix a use-after-free that occurs in hcd when in_urb sent from pn533_usb_send_frame() is completed earlier than out_urb. Its callback frees the
- CVE-2023-52905Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix resource leakage in VF driver unbind resources allocated like mcam entries to support the Ntuple feature and hash tables for the tc feature are not getting freed in driver unbind. This patch f
- CVE-2023-52901Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check endpoint is valid before dereferencing it When the host controller is not responding, all URBs queued to all endpoints need to be killed. This can cause a kernel panic if we dereference an inva
- CVE-2023-52900Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix general protection fault in nilfs_btree_insert() If nilfs2 reads a corrupted disk image and tries to reads a b-tree node block by calling __nilfs_btree_get_block() against an invalid virtual block a
- CVE-2023-52898Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhci_free_dev() and xhci_kill_endpoint_urbs() do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhci_free_dev
- CVE-2023-52896Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota rescan and disable leading to NULL pointer deref If we have one task trying to start the quota rescan worker while another one is trying to disable quotas, we can end up hitting a
- CVE-2023-52894Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unreproducible crash report from an aarch64 GKI 5.10.149-android13 running device.
- CVE-2023-52893Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we must allow for that in gsmi. commit 859748255b43 ("efi: pstore: Omit efivars caching EFI varstore access
- CVE-2022-48899Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix GEM handle creation UAF Userspace can guess the handle value and try to race GEM object creation with handle close, resulting in a use-after-free if we dereference the object after dropping the
- CVE-2022-48898Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer There are 3 possible interrupt sources are handled by DP controller, HPDstatus, Controller state changes and Aux read/write transa
- CVE-2022-48896Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix pci device refcount leak As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI device with refcount incremented, when finish using it, the caller must decrement the reference count b
- CVE-2022-48891Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: regulator: da9211: Use irq handler when ready If the system does not come from reset (like when it is kexec()), the regulator might have an IRQ waiting for us. If we enable the IRQ handler before its structure
- CVE-2022-48890Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(), which in a confidential VM allocates swiotlb bounce buffers. If the I/O
- CVE-2022-48880Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In that case, the request should be freed via ssam_request_sync_free(). Currently it
- CVE-2022-48878Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Fix driver shutdown on closed serdev The driver shutdown callback (which sends EDL_SOC_RESET to the device over serdev) should not be invoked when HCI device is not open (e.g. if hci_dev_ope
- CVE-2022-48875Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test mul
- CVE-2022-48873Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do
- CVE-2022-48872Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling fastrpc_map_get() until map->fl->lock is taken in fastrpc_free_map(), another thread can call fastrpc_map_lookup(
- CVE-2022-48871Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO (port->rx_fifo) based on default RX FIFO depth, e.g. 16. Later during serial startup the qcom
Page 5 of 6