VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_13&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (255)

  • CVE-2023-52585Mar 6, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 amdgpu

  • CVE-2023-52561Mar 2, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory (the splash memory region set up by the bootloader). It fixes a kernel pan

  • CVE-2023-52503Mar 2, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix use-after-free vulnerability in amdtee_close_session There is a potential race condition in amdtee_close_session that may cause use-after-free in amdtee_open_session. For instance, if a session

  • CVE-2024-26610Feb 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the

  • CVE-2023-52488Feb 29, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d

  • CVE-2021-47047Feb 28, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping. In addition

  • CVE-2024-26601Feb 24, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod

  • CVE-2024-0841Jan 28, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

  • CVE-2024-23307MedJan 25, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

  • CVE-2024-22099MedJan 25, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

  • CVE-2024-23848MedJan 23, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.

  • CVE-2024-23850Jan 23, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.

  • CVE-2024-0639Jan 17, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

  • CVE-2023-6270Jan 4, 2024
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob

  • CVE-2023-2860Jul 24, 2023
    affected < 1-150500.11.3.2fixed 1-150500.11.3.2

    An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated

Page 13 of 13