rpm package
suse/kernel-livepatch-SLE15-SP5_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_19&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (344)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42225 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data | ||
| CVE-2024-42223 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations. | ||
| CVE-2024-42162 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid acces | ||
| CVE-2024-42158 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_ | ||
| CVE-2024-42157 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copy_to_user() fails. | ||
| CVE-2024-42156 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key. | ||
| CVE-2024-42155 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copi | ||
| CVE-2024-42152 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler | ||
| CVE-2024-42148 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equ | ||
| CVE-2024-42142 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses | ||
| CVE-2024-42139 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains ena | ||
| CVE-2024-42137 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot Commit 272970be3dab ("Bluetooth: hci_qca: Fix driver shutdown on closed serdev") will cause below regression issue: BT can't be enabled | ||
| CVE-2024-42127 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and th | ||
| CVE-2024-42126 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int | ||
| CVE-2024-42121 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT] msg_id is used as an array index and it cannot be a negative value, and therefore cannot be equal to MOD_HDCP_MESSAGE_ID_INVALID (-1). [HOW] Chec | ||
| CVE-2024-42120 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity. | ||
| CVE-2024-42119 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Sk | ||
| CVE-2024-42115 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2_free_inode During the stress testing of the jffs2 file system,the following abnormal printouts were found: [ 2430.649000] Unable to handle kernel paging requ | ||
| CVE-2024-42110 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA) dmanegine as the data mover for ntb_transport that ntb_netdev uses. [74412.5469 | ||
| CVE-2024-42107 | — | < 1-150500.11.3.2 | 1-150500.11.3.2 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the i |
- CVE-2024-42225Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data
- CVE-2024-42223Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations.
- CVE-2024-42162Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid acces
- CVE-2024-42158Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_
- CVE-2024-42157Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copy_to_user() fails.
- CVE-2024-42156Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key.
- CVE-2024-42155Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copi
- CVE-2024-42152Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler
- CVE-2024-42148Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equ
- CVE-2024-42142Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses
- CVE-2024-42139Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains ena
- CVE-2024-42137Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot Commit 272970be3dab ("Bluetooth: hci_qca: Fix driver shutdown on closed serdev") will cause below regression issue: BT can't be enabled
- CVE-2024-42127Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and th
- CVE-2024-42126Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int
- CVE-2024-42121Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT] msg_id is used as an array index and it cannot be a negative value, and therefore cannot be equal to MOD_HDCP_MESSAGE_ID_INVALID (-1). [HOW] Chec
- CVE-2024-42120Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity.
- CVE-2024-42119Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Sk
- CVE-2024-42115Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2_free_inode During the stress testing of the jffs2 file system,the following abnormal printouts were found: [ 2430.649000] Unable to handle kernel paging requ
- CVE-2024-42110Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA) dmanegine as the data mover for ntb_transport that ntb_netdev uses. [74412.5469
- CVE-2024-42107Jul 30, 2024affected < 1-150500.11.3.2fixed 1-150500.11.3.2
In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the i
Page 12 of 18