VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (68)

  • CVE-2024-56648MedDec 27, 2024
    affected < 16-150500.2.1fixed 16-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend

  • CVE-2024-50302MedKEVNov 19, 2024
    affected < 16-150500.2.1fixed 16-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k

  • CVE-2024-50264HigNov 19, 2024
    affected < 12-150500.11.8.1fixed 12-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. T

  • CVE-2022-48956HigOct 21, 2024
    affected < 12-150500.11.8.1fixed 12-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use

  • CVE-2024-47684MedOct 21, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r

  • CVE-2024-46818HigSep 27, 2024
    affected < 16-150500.2.1fixed 16-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46815HigSep 27, 2024
    affected < 16-150500.2.1fixed 16-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an

  • CVE-2024-45016MedSep 11, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.

  • CVE-2022-48923MedAug 22, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copy_compressed_segment to write o

  • CVE-2022-48912HigAug 22, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been released, because other threads might have freed our allocated hooks already. BUG: KASA

  • CVE-2022-48911MedAug 22, 2024
    affected < 16-150500.2.1fixed 16-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet

  • CVE-2024-43861MedAug 20, 2024
    affected < 11-150500.11.8.1fixed 11-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

  • CVE-2024-41059HigJul 29, 2024
    affected < 9-150500.11.8.1fixed 9-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x

  • CVE-2024-41057HigJul 29, 2024
    affected < 13-150500.11.8.1fixed 13-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN:

  • CVE-2024-40954HigJul 12, 2024
    affected < 9-150500.11.8.1fixed 9-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_

  • CVE-2023-52340HigJul 5, 2024
    affected < 2-150500.11.8.1fixed 2-150500.11.8.1

    The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

  • CVE-2021-47598HigJun 19, 2024
    affected < 10-150500.11.8.1fixed 10-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D

  • CVE-2024-36971HigKEVJun 10, 2024
    affected < 13-150500.11.8.1fixed 13-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca

  • CVE-2024-36964MedJun 3, 2024
    affected < 9-150500.11.8.1fixed 9-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s

  • CVE-2024-36904HigMay 30, 2024
    affected < 11-150500.11.8.1fixed 11-150500.11.8.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat

Page 1 of 4