rpm package
suse/kernel-livepatch-SLE15-SP4_Update_37&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_37&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (48)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-53168 | — | < 8-150400.2.1 | 8-150400.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID | ||
| CVE-2024-53141 | — | < 11-150400.2.1 | 11-150400.2.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f | ||
| CVE-2024-53135 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK | ||
| CVE-2024-50128 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as | ||
| CVE-2024-50115 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc | ||
| CVE-2024-35949 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if | ||
| CVE-2023-52572 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/ | ||
| CVE-2023-1192 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Nov 1, 2023 | A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access |
- CVE-2024-53168Dec 27, 2024affected < 8-150400.2.1fixed 8-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
- CVE-2024-53141Dec 6, 2024affected < 11-150400.2.1fixed 11-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f
- CVE-2024-53135Dec 4, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK
- CVE-2024-50128Nov 5, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as
- CVE-2024-50115Nov 5, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
- CVE-2024-35949May 20, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if
- CVE-2023-52572Mar 2, 2024affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/
- CVE-2023-1192Nov 1, 2023affected < 1-150400.9.3.1fixed 1-150400.9.3.1
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access
Page 3 of 3