VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (588)

  • CVE-2023-52692May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it fails rather than continuing w

  • CVE-2023-52691May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. Howev

  • CVE-2023-52690May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to av

  • CVE-2023-52686May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2023-52683May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32

  • CVE-2023-52680May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return value and pass to the caller.

  • CVE-2023-52679May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in of_parse_phandle_with_args_map In of_parse_phandle_with_args_map() the inner loop that iterates through the map entries calls of_node_put(new) to free the reference acquired by the previo

  • CVE-2023-52678May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the b

  • CVE-2023-52676May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The arithmetic implies adding togeth

  • CVE-2023-52674May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_va

  • CVE-2024-35828MedMay 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be

  • CVE-2024-35823MedMay 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer").

  • CVE-2024-35815MedMay 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct kiocb that is not embedded inside struct aio_kiocb. With the current code, dependi

  • CVE-2024-35813MedMay 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_idata = idatas[i - 1], but doesn't check that the iterator i is greater than zero

  • CVE-2024-35811MedMay 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following

  • CVE-2023-52671May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC could cause a hang/underflow due to O

  • CVE-2023-52669May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual

  • CVE-2024-35833May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA This dma_alloc_coherent() is undone neither in the remove function, nor in the error handling path of fsl_qdma_probe(). Switch to the man

  • CVE-2023-52664May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aq_ring_free could be called multiple times on same ring, if system is under stress and g

  • CVE-2024-35830May 17, 2024
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.

Page 22 of 30