rpm package
suse/kernel-livepatch-SLE15-SP5_Update_13&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (255)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48642 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() It seems to me that percpu memory for chain stats started leaking since commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priorit | ||
| CVE-2022-48640 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial mode != zero (Round Robin) the memory req | ||
| CVE-2022-48639 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix possible refcount leak in tc_new_tfilter() tfilter_put need to be called to put the refount got by tp->ops->get to avoid possible refcount leak when chain->tmplt_ops != NULL and chain->tmplt_ops | ||
| CVE-2022-48638 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace. | ||
| CVE-2022-48637 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnxt: prevent skb UAF after handing over to PTP worker When reading the timestamp is required bnxt_tx_int() hands over the ownership of the completed skb to the PTP worker. The skb should not be used afterwards | ||
| CVE-2022-48636 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The pavgroup pointer is checked on the entranc | ||
| CVE-2022-48634 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reaso | ||
| CVE-2022-48632 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() memcpy() is called in a loop while 'operation->length' upper bound is not checked and 'data_idx' also increments. | ||
| CVE-2022-48631 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 When walking through an inode extents, the ext4_ext_binsearch_idx() function assumes that the extent header has been previously validated. | ||
| CVE-2024-26927 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. To some extent, we're always going to have to trust the firmware a bit. However | ||
| CVE-2024-26923 | Med | 4.7 | < 2-150500.11.6.1 | 2-150500.11.6.1 | Apr 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM | |
| CVE-2024-26917 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changed sp | ||
| CVE-2023-52645 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a ra | ||
| CVE-2024-26903 | Med | 5.5 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no | |
| CVE-2024-26901 | Med | 5.5 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. [1] "BUG: KMSAN: kernel-i | |
| CVE-2024-26898 | Hig | 7.8 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. | |
| CVE-2024-26897 | Med | 4.7 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete The ath9k_wmi_event_tasklet() used in ath9k_htc assumes that all the data structures have been fully initialised by the time it runs. H | |
| CVE-2024-26895 | Hig | 7.8 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilc_netdev_cleanup currently triggers a KASAN warning, which can be observed on interface registration error path, or simply by rem | |
| CVE-2024-26891 | Med | 5.5 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hotplug capable ports, users could request a hot reset to the device by flapping dev | |
| CVE-2024-26885 | Hig | 7.8 | < 1-150500.11.3.2 | 1-150500.11.3.2 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of two of the max_entries value provided when creating the map. When rounding up to t |
- CVE-2022-48642Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() It seems to me that percpu memory for chain stats started leaking since commit 3bc158f8d0330f0a ("netfilter: nf_tables: map basechain priorit
- CVE-2022-48640Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial mode != zero (Round Robin) the memory req
- CVE-2022-48639Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix possible refcount leak in tc_new_tfilter() tfilter_put need to be called to put the refount got by tp->ops->get to avoid possible refcount leak when chain->tmplt_ops != NULL and chain->tmplt_ops
- CVE-2022-48638Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace.
- CVE-2022-48637Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: bnxt: prevent skb UAF after handing over to PTP worker When reading the timestamp is required bnxt_tx_int() hands over the ownership of the completed skb to the PTP worker. The skb should not be used afterwards
- CVE-2022-48636Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The pavgroup pointer is checked on the entranc
- CVE-2022-48634Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reaso
- CVE-2022-48632Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() memcpy() is called in a loop while 'operation->length' upper bound is not checked and 'data_idx' also increments.
- CVE-2022-48631Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 When walking through an inode extents, the ext4_ext_binsearch_idx() function assumes that the extent header has been previously validated.
- CVE-2024-26927Apr 28, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. To some extent, we're always going to have to trust the firmware a bit. However
- affected < 2-150500.11.6.1fixed 2-150500.11.6.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM
- CVE-2024-26917Apr 17, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changed sp
- CVE-2023-52645Apr 17, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a ra
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. [1] "BUG: KMSAN: kernel-i
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel.
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete The ath9k_wmi_event_tasklet() used in ath9k_htc assumes that all the data structures have been fully initialised by the time it runs. H
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilc_netdev_cleanup currently triggers a KASAN warning, which can be observed on interface registration error path, or simply by rem
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hotplug capable ports, users could request a hot reset to the device by flapping dev
- affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of two of the max_entries value provided when creating the map. When rounding up to t
Page 6 of 13