suse/kernel-livepatch-SLE15-SP5_Update_19&distro=SUSE Linux Enterprise Live Patching 15 SP5

Vulnerabilities (344)

• CVE-2025-21791Feb 27, 2025
  affected < 16-150500.2.1fixed 16-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou

• CVE-2024-57996MedFeb 27, 2025
  affected < 9-150500.2.2fixed 9-150500.2.2

  In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

• CVE-2024-58013Feb 27, 2025
  affected < 9-150500.2.2fixed 9-150500.2.2

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free

• CVE-2022-49080Feb 26, 2025
  affected < 9-150500.2.2fixed 9-150500.2.2

  In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized

• CVE-2022-49053Feb 26, 2025
  affected < 14-150500.2.1fixed 14-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th

• CVE-2025-21701MedFeb 13, 2025
  affected < 14-150500.2.1fixed 14-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic

• CVE-2025-21692HigFeb 10, 2025
  affected < 16-150500.2.1fixed 16-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo

• CVE-2024-56648Dec 27, 2024
  affected < 5-150500.2.1fixed 5-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend

• CVE-2024-56605Dec 27, 2024
  affected < 10-150500.3.1fixed 10-150500.3.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o

• CVE-2024-56601Dec 27, 2024
  affected < 10-150500.3.1fixed 10-150500.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o

• CVE-2024-56600Dec 27, 2024
  affected < 6-150500.2.1fixed 6-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the

• CVE-2024-53208Dec 27, 2024
  affected < 10-150500.3.1fixed 10-150500.3.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in set_power

• CVE-2024-53168Dec 27, 2024
  affected < 16-150500.2.1fixed 16-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID

• CVE-2024-53156Dec 24, 2024
  affected < 8-150500.2.2fixed 8-150500.2.2

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255

• CVE-2024-53104KEVDec 2, 2024
  affected < 4-150500.2.1fixed 4-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

• CVE-2024-50302MedKEVNov 19, 2024
  affected < 5-150500.2.1fixed 5-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k

• CVE-2024-50301HigNov 19, 2024
  affected < 10-150500.3.1fixed 10-150500.3.1

  In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq

• CVE-2024-50279Nov 19, 2024
  affected < 10-150500.3.1fixed 10-150500.3.1

  In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes

• CVE-2024-50154Nov 7, 2024
  affected < 16-150500.2.1fixed 16-150500.2.1

  In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc

• CVE-2024-50127HigNov 5, 2024
  affected < 10-150500.3.1fixed 10-150500.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre