rpm package
suse/kernel-livepatch-SLE15-SP4_Update_31&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_31&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (119)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48870 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spk_ttyio_release Run the following tests on the qemu platform: syzkaller:~# modprobe speakup_audptr input: Speakup as /devices/virtual/input/input4 initialized device: /d | ||
| CVE-2022-48869 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the | ||
| CVE-2022-48868 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes tha | ||
| CVE-2024-43882 | Hig | 7.0 | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer | |
| CVE-2024-43861 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | ||
| CVE-2024-43853 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro | ||
| CVE-2024-42271 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path | ||
| CVE-2024-42232 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Aug 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can re | ||
| CVE-2024-42230 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv i | ||
| CVE-2024-42126 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int | ||
| CVE-2024-42077 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2_dio_end_io_write() estimates number of necessary transaction credits using ocfs2_calc_extend_credits(). This however does not ta | ||
| CVE-2024-41087 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri | ||
| CVE-2024-41062 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection | ||
| CVE-2024-41011 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re | ||
| CVE-2024-41009 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer coun | ||
| CVE-2024-40910 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep | ||
| CVE-2024-26808 | — | < 15-150400.2.1 | 15-150400.2.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic | ||
| CVE-2023-52489 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA | ||
| CVE-2022-4382 | — | < 1-150400.9.3.2 | 1-150400.9.3.2 | Jan 10, 2023 | A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side. |
- CVE-2022-48870Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spk_ttyio_release Run the following tests on the qemu platform: syzkaller:~# modprobe speakup_audptr input: Speakup as /devices/virtual/input/input4 initialized device: /d
- CVE-2022-48869Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver, involving processes concurrently mounting and unmounting the
- CVE-2022-48868Aug 21, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes tha
- affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer
- CVE-2024-43861Aug 20, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- CVE-2024-43853Aug 17, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro
- CVE-2024-42271Aug 17, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path
- CVE-2024-42232Aug 7, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can re
- CVE-2024-42230Jul 30, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv i
- CVE-2024-42126Jul 30, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int
- CVE-2024-42077Jul 29, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2_dio_end_io_write() estimates number of necessary transaction credits using ocfs2_calc_extend_credits(). This however does not ta
- CVE-2024-41087Jul 29, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri
- CVE-2024-41062Jul 29, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection
- CVE-2024-41011Jul 18, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re
- CVE-2024-41009Jul 17, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer coun
- CVE-2024-40910Jul 12, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep
- CVE-2024-26808Apr 4, 2024affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic
- CVE-2023-52489Feb 29, 2024affected < 1-150400.9.3.2fixed 1-150400.9.3.2
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA
- CVE-2022-4382Jan 10, 2023affected < 1-150400.9.3.2fixed 1-150400.9.3.2
A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side.
Page 6 of 6