VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (286)

  • CVE-2024-41056Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files Use strnlen() instead of strlen() on the algorithm and coefficient name string arrays in V1 wmfw files. In V1 wmfw files the name is a NUL-termin

  • CVE-2024-41045Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpf_timer_cancel_and_free Currently, the same case as previous patch (two timer callbacks trying to cancel each other) can be invoked through bpf_map_update_elem as well, or more precisely, f

  • CVE-2024-41042Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate already performs loop detection because a cycle will result in a call stack overflow (ctx->level >= NFT_JUMP_STACK_SIZE). It also follows maps

  • CVE-2024-41039Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmw

  • CVE-2024-41038Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length

  • CVE-2024-41036Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq:

  • CVE-2024-41035Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin

  • CVE-2024-41022Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" variable needs to be signed for the error handling to work.

  • CVE-2024-41020Jul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p

  • CVE-2024-41016MedJul 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me

  • CVE-2024-41011Jul 18, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re

  • CVE-2024-41009Jul 17, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer coun

  • CVE-2022-48865Jul 16, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: [ 4.498085] RIP: 0010:tipc_mon_prep+0x4e/0x130 [tipc] ... [ 4.520030] Call Trace: [ 4.520689]

  • CVE-2022-48808Jul 16, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master (dpaa2-eth) is up, the following pan

  • CVE-2024-41007Jul 15, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1

  • CVE-2024-41000HigJul 12, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692

  • CVE-2024-40995MedJul 12, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() syzbot found hanging tasks waiting on rtnl_lock [1] A reproducer is available in the syzbot bug. When a request to add multiple actions

  • CVE-2024-40980MedJul 12, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_lock. This is problematic for RT kernels because spin_locks are sleeping locks in

  • CVE-2024-40978HigJul 12, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash. To fix this issue, use a smal

  • CVE-2024-40905MedJul 12, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in __fib6_drop_pcpu_from() syzbot found a race in __fib6_drop_pcpu_from() [1] If compiler reads more than once (*ppcpu_rt), second read could read NULL, if another cpu clears the value

Page 12 of 15