VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (286)

  • CVE-2024-39489MedJul 10, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6_hmac_e

  • CVE-2024-38662MedJun 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_d

  • CVE-2024-36489MedJun 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tls_init In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}. CPU0

  • CVE-2024-36286MedJun 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called without rcu_read_lock() : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-0206

  • CVE-2024-36270MedJun 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr

  • CVE-2024-31076Jun 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of interrupt affinity reconfiguration via procfs. Instead, the change is de

  • CVE-2024-38602Jun 19, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The

  • CVE-2024-38554Jun 19, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issue of net_device There is a reference count leak issue of the object "net_device" in ax25_dev_device_down(). When the ax25 device is shutting down, the ax25_dev_device_down() d

  • CVE-2024-36962Jun 3, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from n

  • CVE-2024-36929MedMay 30, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in ord

  • CVE-2024-36936May 30, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 ("efi/unaccepted: Fix soft lockups caused by parallel memory acceptance") has released the spinlock so other CPUs can do memory accepta

  • CVE-2024-36933May 30, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and links) by a crafted GSO packet of VIRTIO_NET_HDR_GSO_UDP layering the following p

  • CVE-2021-47546May 24, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a `fib` rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain

  • CVE-2021-47517May 24, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations co

  • CVE-2024-36013May 23, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but

  • CVE-2023-52859May 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allocated. The error handing will call cpuhp_state_remove_instance() to call uncore p

  • CVE-2022-48706May 21, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: vdpa: ifcvf: Do proper cleanup if IFCVF init fails ifcvf_mgmt_dev leaks memory if it is not freed before returning. Call is made to correct return statement so memory does not leak. ifcvf_init_hw does not take

  • CVE-2024-36009May 20, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). When the ax25 device is detaching, the dev_tracker of ax25_cb should be deallocated in ax25_kill_by_device() instead of the de

  • CVE-2024-35971May 20, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851_irq() thread may call ks8851_rx_pkts() in case there are any packets in the MAC FIFO, which calls netif_rx(). This netif_rx() impleme

  • CVE-2024-35945May 19, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: phy: phy_device: Prevent nullptr exceptions on ISR If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service r