rpm package

suse/kernel-livepatch-SLE15-SP5_Update_17&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (563)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-26802	—	< 1-150500.11.3.1	1-150500.11.3.1	Apr 4, 2024	In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does
CVE-2024-26800	—	< 1-150500.11.3.1	1-150500.11.3.1	Apr 4, 2024	In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed.
CVE-2024-26665	—	< 1-150500.11.3.1	1-150500.11.3.1	Apr 2, 2024	In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of
CVE-2024-26663	—	< 1-150500.11.3.1	1-150500.11.3.1	Apr 2, 2024	In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010:
CVE-2024-26661	—	< 1-150500.11.3.1	1-150500.11.3.1	Apr 2, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
CVE-2023-52622	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 26, 2024	In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir re
CVE-2024-26644	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 26, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction a
CVE-2024-26641	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Call pskb_inet_may_pull() to fix this, and initialize ipv6h variable after this cal
CVE-2024-26636	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Lik
CVE-2024-26635	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b
CVE-2024-26633	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea
CVE-2024-26625	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 6, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after cal
CVE-2021-47103	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 4, 2024	In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk->sk_rx_dst to RCU rules syzbot reported various issues around early demux, one being included in this changelog [1] sk->sk_rx_dst is using RCU protection without clearly documenting it.
CVE-2021-47089	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 4, 2024	In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 (size 248): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s)
CVE-2021-47086	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 4, 2024	In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl() implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problem
CVE-2023-52580	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 2, 2024	In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETH_P_1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to __skb_flow_dissect, nhoff value calculation is wrong. For example:
CVE-2023-52573	—	< 1-150500.11.3.1	1-150500.11.3.1	Mar 2, 2024	In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists before dereferencing it as rdma_set_service_type() argument Found by Linux Verification Center (
CVE-2024-26615	—	< 1-150500.11.3.1	1-150500.11.3.1	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
CVE-2024-26584	—	< 1-150500.11.3.1	1-150500.11.3.1	Feb 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
CVE-2024-26583	—	< 1-150500.11.3.1	1-150500.11.3.1	Feb 21, 2024	In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch

CVE-2024-26802Apr 4, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does
CVE-2024-26800Apr 4, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed.
CVE-2024-26665Apr 2, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of
CVE-2024-26663Apr 2, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010:
CVE-2024-26661Apr 2, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
CVE-2023-52622Mar 26, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir re
CVE-2024-26644Mar 26, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction a
CVE-2024-26641Mar 18, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Call pskb_inet_may_pull() to fix this, and initialize ipv6h variable after this cal
CVE-2024-26636Mar 18, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Lik
CVE-2024-26635Mar 18, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b
CVE-2024-26633Mar 18, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea
CVE-2024-26625Mar 6, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after cal
CVE-2021-47103Mar 4, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk->sk_rx_dst to RCU rules syzbot reported various issues around early demux, one being included in this changelog [1] sk->sk_rx_dst is using RCU protection without clearly documenting it.
CVE-2021-47089Mar 4, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 (size 248): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s)
CVE-2021-47086Mar 4, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl() implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problem
CVE-2023-52580Mar 2, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETH_P_1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to __skb_flow_dissect, nhoff value calculation is wrong. For example:
CVE-2023-52573Mar 2, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists before dereferencing it as rdma_set_service_type() argument Found by Linux Verification Center (
CVE-2024-26615Feb 29, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
CVE-2024-26584Feb 21, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
CVE-2024-26583Feb 21, 2024
affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch

Page 28 of 29