rpm package
suse/kernel-livepatch-SLE15-SP5_Update_12&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (189)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26612 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). Check first, then dereference. | ||
| CVE-2024-26610 | — | < 2-150500.11.10.1 | 2-150500.11.10.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the | ||
| CVE-2023-52497 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I | ||
| CVE-2023-52494 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "is_valid_ring_ptr" to make sure it is in the buffer range, but there is another risk the pointe | ||
| CVE-2023-52493 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parse_xfer_event() such that a callback given to clie | ||
| CVE-2023-52492 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure, chan->local is freed (with free_percpu()), and chan->local is nullified. When d | ||
| CVE-2023-52486 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from | ||
| CVE-2024-26607 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: [ 53.271356] sii902x_get_edid+0x34/0x70 [sii902x] [ 53.276066] | ||
| CVE-2023-52484 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: ------------------------------------------------------------------- | ||
| CVE-2023-52482 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which exists on Hygon processors too. | ||
| CVE-2023-52481 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load | ||
| CVE-2023-52477 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and init | ||
| CVE-2023-52476 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur | ||
| CVE-2021-46936 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in tw_timer_handler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7 | ||
| CVE-2021-46934 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i | ||
| CVE-2021-46933 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmou | ||
| CVE-2021-46931 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5e_tx_reporter_dump_sq() casts its void * argument to struct mlx5e_txqsq *, but in TX-timeout-recovery flow the argument is actually o | ||
| CVE-2021-46930 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34 | ||
| CVE-2021-46929 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9 | ||
| CVE-2021-46927 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert After commit 5b78ed24e8ec ("mm/pagemap: add mmap_assert_locked() annotations to find_vma*()"), the call to get_user_pages() will trigger |
- CVE-2024-26612Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). Check first, then dereference.
- CVE-2024-26610Feb 29, 2024affected < 2-150500.11.10.1fixed 2-150500.11.10.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the
- CVE-2023-52497Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I
- CVE-2023-52494Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "is_valid_ring_ptr" to make sure it is in the buffer range, but there is another risk the pointe
- CVE-2023-52493Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the channel are not taken in succession by dropping the read lock from parse_xfer_event() such that a callback given to clie
- CVE-2023-52492Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure, chan->local is freed (with free_percpu()), and chan->local is nullified. When d
- CVE-2023-52486Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from
- CVE-2024-26607Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: [ 53.271356] sii902x_get_edid+0x34/0x70 [sii902x] [ 53.276066]
- CVE-2023-52484Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------
- CVE-2023-52482Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which exists on Hygon processors too.
- CVE-2023-52481Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load
- CVE-2023-52477Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and init
- CVE-2023-52476Feb 29, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur
- CVE-2021-46936Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in tw_timer_handler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7
- CVE-2021-46934Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i
- CVE-2021-46933Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmou
- CVE-2021-46931Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5e_tx_reporter_dump_sq() casts its void * argument to struct mlx5e_txqsq *, but in TX-timeout-recovery flow the argument is actually o
- CVE-2021-46930Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34
- CVE-2021-46929Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9
- CVE-2021-46927Feb 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert After commit 5b78ed24e8ec ("mm/pagemap: add mmap_assert_locked() annotations to find_vma*()"), the call to get_user_pages() will trigger
Page 8 of 10