VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5-RT_Update_18&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (306)

  • CVE-2022-48775Jul 16, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko

  • CVE-2022-48774Jul 16, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will le

  • CVE-2022-48773Jul 16, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries f

  • CVE-2023-52886Jul 16, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr

  • CVE-2023-52885Jul 14, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis

  • CVE-2024-41006MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nr_heartbeat_expiry() syzbot reported a memory leak in nr_create() [0]. Commit 409db27e3a2e ("netrom: Fix use-after-free of a listening socket.") added sock_hold() to the nr_heartb

  • CVE-2024-41004MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and

  • CVE-2024-40984MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Undo the modifications made in commit d410ee5109a1 ("ACPICA: avoid "Info: mapping multiple BARs. Your kernel is fine.""). The ini

  • CVE-2024-40961MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL. fib6_nh_init() ip6_validate_gw( &idev ) ip6_route_check_nh( idev ) *idev =

  • CVE-2024-40960MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL. [1] Oops: general protection fault, probably for non-canon

  • CVE-2024-40959MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() ip6_dst_idev() can return NULL, xfrm6_get_saddr() must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonica

  • CVE-2024-40958HigJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcount_warn_saturate+0xdf/0x1d0 Modules lin

  • CVE-2024-40945MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return va

  • CVE-2024-40942MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets de

  • CVE-2024-40941MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove t

  • CVE-2024-40934MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.

  • CVE-2024-40916MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortu

  • CVE-2024-40912MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_unicast_ps_buf() which is called from soft

  • CVE-2024-39509MedJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement() alre

  • CVE-2024-39502HigJul 12, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del() When queues are started, netif_napi_add() and napi_enable() are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues' napi

Page 7 of 16