rpm package
suse/kernel-livepatch-SLE15-SP4_Update_33&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_33&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (153)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21971 | — | < 16-150400.2.1 | 16-150400.2.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe | ||
| CVE-2025-21772 | Hig | 7.8 | < 10-150400.2.1 | 10-150400.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede | |
| CVE-2025-21756 | Hig | 7.8 | < 14-150400.2.1 | 14-150400.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un | |
| CVE-2025-21791 | — | < 15-150400.2.1 | 15-150400.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou | ||
| CVE-2022-49465 | — | < 10-150400.2.1 | 10-150400.2.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s | ||
| CVE-2022-49053 | — | < 13-150400.2.1 | 13-150400.2.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th | ||
| CVE-2025-21692 | Hig | 7.8 | < 15-150400.2.1 | 15-150400.2.1 | Feb 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo | |
| CVE-2024-57893 | — | < 10-150400.2.1 | 10-150400.2.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal | ||
| CVE-2024-56648 | — | < 4-150400.2.1 | 4-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend | ||
| CVE-2024-56605 | — | < 9-150400.2.1 | 9-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o | ||
| CVE-2024-56601 | — | < 9-150400.2.1 | 9-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o | ||
| CVE-2024-56558 | — | < 10-150400.2.1 | 10-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to | ||
| CVE-2024-53166 | Hig | 7.8 | < 10-150400.2.1 | 10-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq from bic without the loc | |
| CVE-2024-53214 | — | < 10-150400.2.1 | 10-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great | ||
| CVE-2024-53173 | — | < 10-150400.2.1 | 10-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs | ||
| CVE-2024-53168 | — | < 15-150400.2.1 | 15-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID | ||
| CVE-2024-53164 | — | < 17-150400.4.1 | 17-150400.4.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t | ||
| CVE-2024-53156 | — | < 7-150400.2.2 | 7-150400.2.2 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255 | ||
| CVE-2024-53146 | — | < 10-150400.2.1 | 10-150400.2.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that | ||
| CVE-2024-53141 | — | < 18-150400.2.1 | 18-150400.2.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f |
- CVE-2025-21971Apr 1, 2025affected < 16-150400.2.1fixed 16-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
- affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
- affected < 14-150400.2.1fixed 14-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un
- CVE-2025-21791Feb 27, 2025affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou
- CVE-2022-49465Feb 26, 2025affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s
- CVE-2022-49053Feb 26, 2025affected < 13-150400.2.1fixed 13-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th
- affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
- CVE-2024-57893Jan 15, 2025affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
- CVE-2024-56648Dec 27, 2024affected < 4-150400.2.1fixed 4-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend
- CVE-2024-56605Dec 27, 2024affected < 9-150400.2.1fixed 9-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o
- CVE-2024-56601Dec 27, 2024affected < 9-150400.2.1fixed 9-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o
- CVE-2024-56558Dec 27, 2024affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
- affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq from bic without the loc
- CVE-2024-53214Dec 27, 2024affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great
- CVE-2024-53173Dec 27, 2024affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs
- CVE-2024-53168Dec 27, 2024affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
- CVE-2024-53164Dec 27, 2024affected < 17-150400.4.1fixed 17-150400.4.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t
- CVE-2024-53156Dec 24, 2024affected < 7-150400.2.2fixed 7-150400.2.2
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255
- CVE-2024-53146Dec 24, 2024affected < 10-150400.2.1fixed 10-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that
- CVE-2024-53141Dec 6, 2024affected < 18-150400.2.1fixed 18-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f
Page 2 of 8