suse/kernel-livepatch-SLE15-SP5_Update_20&distro=SUSE Linux Enterprise Live Patching 15 SP5

Vulnerabilities (171)

• CVE-2024-44944MedAug 30, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expecta

• CVE-2024-44935MedAug 26, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then,

• CVE-2024-43890MedAug 26, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum n

• CVE-2024-43914Aug 26, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUG_ON() can b

• CVE-2024-43912Aug 26, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels is

• CVE-2022-48935Aug 22, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nf_tables_flowtable_destroy() otherwise hook core reports UAF. BUG: KASAN: use-after-free

• CVE-2022-48923Aug 22, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copy_compressed_segment to write o

• CVE-2022-48911Aug 22, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet

• CVE-2022-48901Aug 22, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: do not start relocation until in progress drops are done We hit a bug with a recovering relocation on mount for one of our file systems in production. I reproduced this locally by injecting errors into

• CVE-2024-43828MedAug 17, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit When doing fast_commit replay an infinite loop may occur due to an uninitialized extent_status struct. ext4_ext_determine_insert_hole() does not detect the re

• CVE-2024-43835Aug 17, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix napi_skb_cache_put warning After the commit bdacf3e34945 ("net: Use nested-BH locking for napi_alloc_cache.") was merged, the following warning began to appear: WARNING: CPU: 5 PID: 1 at net/

• CVE-2024-42306MedAug 17, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. However the next allocation fr

• CVE-2024-42305MedAug 17, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD

• CVE-2024-42304MedAug 17, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. And no errors are reported when creati

• CVE-2024-42265MedAug 17, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec

• CVE-2024-42259MedAug 14, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping o

• CVE-2024-42154Jul 30, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it

• CVE-2024-41082Jul 29, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of admin_q. If a reset (nvm

• CVE-2024-41062Jul 29, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection

• CVE-2024-40983Jul 12, 2024
  affected < 1-150500.11.3.1fixed 1-150500.11.3.1

  In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 ("xfrm: Force a dst refcount before entering the xfrm type handlers"): "Crypto requests might return asynchronous. In this c