rpm package
suse/kernel-livepatch-SLE15-SP5-RT_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (561)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-2201 | Med | 4.7 | < 1-150500.11.3.1 | 1-150500.11.3.1 | Dec 19, 2024 | A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. | |
| CVE-2024-43861 | — | < 6-150500.11.6.1 | 6-150500.11.6.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | ||
| CVE-2024-41059 | — | < 4-150500.11.6.1 | 4-150500.11.6.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x | ||
| CVE-2024-40954 | — | < 4-150500.11.6.1 | 4-150500.11.6.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_ | ||
| CVE-2024-40909 | — | < 3-150500.11.6.1 | 3-150500.11.6.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed by link->ops->dealloc_deferred, but the code still tests and uses link->ops->dealloc afterward, which lead | ||
| CVE-2021-47598 | — | < 5-150500.11.6.1 | 5-150500.11.6.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D | ||
| CVE-2024-36959 | Med | 5.5 | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping op | |
| CVE-2024-36940 | Hig | 7.8 | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei | |
| CVE-2024-36904 | Hig | 7.8 | < 6-150500.11.6.1 | 6-150500.11.6.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat | |
| CVE-2024-36899 | Hig | 7.0 | < 4-150500.11.6.1 | 4-150500.11.6.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed | |
| CVE-2024-36955 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mentions this important point: " The caller is responsible for calling fwnode_handle_pu | ||
| CVE-2024-36952 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vpo | ||
| CVE-2024-36950 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a | ||
| CVE-2024-36947 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thi | ||
| CVE-2024-36944 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunate | ||
| CVE-2024-36941 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. | ||
| CVE-2024-36938 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported [1]. [1] BUG: KCSAN: data-race in sk_psock_drop / sk | ||
| CVE-2024-36931 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure the copied buf is NUL terminated Currently, we allocate a lbuf-sized kernel buffer and copy lbuf from userspace to that buffer. Later, we use scanf on this buffer but we don't ensure that the s | ||
| CVE-2024-36928 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try t | ||
| CVE-2024-36926 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI |
- affected < 1-150500.11.3.1fixed 1-150500.11.3.1
A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.
- CVE-2024-43861Aug 20, 2024affected < 6-150500.11.6.1fixed 6-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- CVE-2024-41059Jul 29, 2024affected < 4-150500.11.6.1fixed 4-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x
- CVE-2024-40954Jul 12, 2024affected < 4-150500.11.6.1fixed 4-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_
- CVE-2024-40909Jul 12, 2024affected < 3-150500.11.6.1fixed 3-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed by link->ops->dealloc_deferred, but the code still tests and uses link->ops->dealloc afterward, which lead
- CVE-2021-47598Jun 19, 2024affected < 5-150500.11.6.1fixed 5-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D
- affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping op
- affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei
- affected < 6-150500.11.6.1fixed 6-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat
- affected < 4-150500.11.6.1fixed 4-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed
- CVE-2024-36955May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mentions this important point: " The caller is responsible for calling fwnode_handle_pu
- CVE-2024-36952May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vpo
- CVE-2024-36950May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a
- CVE-2024-36947May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thi
- CVE-2024-36944May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunate
- CVE-2024-36941May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here.
- CVE-2024-36938May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported [1]. [1] BUG: KCSAN: data-race in sk_psock_drop / sk
- CVE-2024-36931May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure the copied buf is NUL terminated Currently, we allocate a lbuf-sized kernel buffer and copy lbuf from userspace to that buffer. Later, we use scanf on this buffer but we don't ensure that the s
- CVE-2024-36928May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try t
- CVE-2024-36926May 30, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI
Page 1 of 29