VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_12&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (189)

  • CVE-2024-56648Dec 27, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend

  • CVE-2024-53156Dec 24, 2024
    affected < 18-150500.2.2fixed 18-150500.2.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255

  • CVE-2024-2201MedDec 19, 2024
    affected < 1-150500.11.7.1fixed 1-150500.11.7.1

    A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

  • CVE-2024-53104KEVDec 2, 2024
    affected < 13-150500.2.1fixed 13-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

  • CVE-2024-50302MedKEVNov 19, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k

  • CVE-2024-50264Nov 19, 2024
    affected < 10-150500.11.10.1fixed 10-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. T

  • CVE-2024-50115Nov 5, 2024
    affected < 18-150500.2.2fixed 18-150500.2.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc

  • CVE-2022-48956Oct 21, 2024
    affected < 10-150500.11.10.1fixed 10-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use

  • CVE-2024-46818Sep 27, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46815Sep 27, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an

  • CVE-2022-48911Aug 22, 2024
    affected < 14-150500.2.1fixed 14-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet

  • CVE-2024-43882HigAug 21, 2024
    affected < 18-150500.2.2fixed 18-150500.2.2

    In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer

  • CVE-2024-43861Aug 20, 2024
    affected < 9-150500.11.10.1fixed 9-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

  • CVE-2024-41062Jul 29, 2024
    affected < 15-150500.2.1fixed 15-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection

  • CVE-2024-41059Jul 29, 2024
    affected < 7-150500.11.10.1fixed 7-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x

  • CVE-2024-41057Jul 29, 2024
    affected < 11-150500.11.10.1fixed 11-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN:

  • CVE-2024-40956Jul 12, 2024
    affected < 13-150500.2.1fixed 13-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed

  • CVE-2024-40954Jul 12, 2024
    affected < 7-150500.11.10.1fixed 7-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_

  • CVE-2021-47598Jun 19, 2024
    affected < 8-150500.11.10.1fixed 8-150500.11.10.1

    In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D

  • CVE-2024-36974HigJun 18, 2024
    affected < 13-150500.2.1fixed 13-150500.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k

Page 1 of 10