VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_14&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (36)

  • CVE-2024-36964MedJun 3, 2024
    affected < 5-150500.11.6.1fixed 5-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s

  • CVE-2024-36904HigMay 30, 2024
    affected < 7-150500.11.6.1fixed 7-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat

  • CVE-2024-36899HigMay 30, 2024
    affected < 5-150500.11.6.1fixed 5-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed

  • CVE-2021-47517HigMay 24, 2024
    affected < 7-150500.11.6.1fixed 7-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations co

  • CVE-2023-52846HigMay 21, 2024
    affected < 5-150500.11.6.1fixed 5-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb.

  • CVE-2023-52752HigMay 21, 2024
    affected < 6-150500.11.6.1fixed 6-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @

  • CVE-2024-35949HigMay 20, 2024
    affected < 7-150500.11.6.1fixed 7-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if

  • CVE-2024-35905HigMay 19, 2024
    affected < 6-150500.11.6.1fixed 6-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow

  • CVE-2024-35867HigMay 19, 2024
    affected < 6-150500.11.6.1fixed 6-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35864HigMay 19, 2024
    affected < 6-150500.11.6.1fixed 6-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35863HigMay 19, 2024
    affected < 6-150500.11.6.1fixed 6-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35862HigMay 19, 2024
    affected < 6-150500.11.6.1fixed 6-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35861HigMay 19, 2024
    affected < 5-150500.11.6.1fixed 5-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-27398HigMay 14, 2024
    affected < 5-150500.11.6.1fixed 5-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection

  • CVE-2024-26923MedApr 25, 2024
    affected < 2-150500.11.6.1fixed 2-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM

  • CVE-2024-26828MedApr 17, 2024
    affected < 2-150500.11.6.1fixed 2-150500.11.6.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b

Page 2 of 2