suse/kernel-livepatch-SLE15-SP4_Update_35&distro=SUSE Linux Enterprise Live Patching 15 SP4

Vulnerabilities (56)

• CVE-2024-53239Dec 27, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as

• CVE-2024-53214Dec 27, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great

• CVE-2024-53206Dec 27, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsk_timer_handler(). The cited commit replaced inet_csk_reqsk_queue_drop_and_put() with __inet_csk_reqsk_queue_drop() and reqsk_put() in reqsk_timer_handler(). Then, oreq s

• CVE-2024-53179Dec 27, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas

• CVE-2024-53173Dec 27, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs

• CVE-2024-53156Dec 24, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255

• CVE-2024-53146Dec 24, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that

• CVE-2024-53241Dec 24, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati

• CVE-2024-53240Dec 24, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t

• CVE-2024-53142Dec 6, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG

• CVE-2024-53125Dec 4, 2024
  affected < 9-150400.2.1fixed 9-150400.2.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set:

• CVE-2024-8805Nov 22, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

• CVE-2024-53095Nov 21, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

• CVE-2024-50154Nov 7, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc

• CVE-2024-41087Jul 29, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri

• CVE-2021-47202Apr 10, 2024
  affected < 1-150400.9.3.1fixed 1-150400.9.3.1

  In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in of_thermal_ functions of_parse_thermal_zones() parses the thermal-zones node and registers a thermal_zone device for each subnode. However, if a thermal zone is consumi