VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (286)

  • CVE-2024-42077Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix DIO failure due to insufficient transaction credits The code in ocfs2_dio_end_io_write() estimates number of necessary transaction credits using ocfs2_calc_extend_credits(). This however does not ta

  • CVE-2024-42076Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one() syzbot reported kernel-infoleak in raw_recvmsg() [1]. j1939_send_one() creates full frame including unused data, but it doesn't initialize it. This ca

  • CVE-2024-42074Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure When acp platform device creation is skipped, chip->chip_pdev value will remain NULL. Add NULL check for chip->chip_pdev structure in snd_acp_resume() fu

  • CVE-2024-42069Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function adev_release calls kfree(madev). We shouldn't cal

  • CVE-2023-52887Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new This patch enhances error handling in scenarios with RTS (Request to Send) messages arriving closely. It repl

  • CVE-2024-41098Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ata_port_alloc() call in ata_host_alloc() fails, ata_host_release() will get called. However, the code in ata_host_release() tries to free ata_por

  • CVE-2024-41097Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be u

  • CVE-2024-41095Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der

  • CVE-2024-41093Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid usi

  • CVE-2024-41092Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been sporadically reporting the following issue triggered by igt@i915_selftest@live@hangcheck on ADL-P and similar machines: <6> [414.049203]

  • CVE-2024-41089Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der

  • CVE-2024-41088Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfd_start_xmit() function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after

  • CVE-2024-41087Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri

  • CVE-2024-41079MedJul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar

  • CVE-2024-41080Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers() The io_register_iowq_max_workers() function calls io_put_sq_data(), which acquires the sqd->lock without releasing the uring_lock. Similar to th

  • CVE-2024-41073Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQF_SPECIAL_LOAD when the re

  • CVE-2024-41068Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclp_init() cleanup on failure If sclp_init() fails it only partially cleans up: if there are multiple failing calls to sclp_init() sclp_state_change_event will be added several times to sclp_reg

  • CVE-2024-41065Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu-* results in a BUG() when the config CONFIG_HARDENED_USERCOPY is enabled

  • CVE-2024-41062Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection

  • CVE-2024-41060Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to check it before dereferencing it.

Page 11 of 15