VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (472)

  • CVE-2024-50061Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition In the cdns_i3c_master_probe function, &master->hj_work is bound with cdns_i3c_master_hj. And cdns_i3c_master_

  • CVE-2024-50059Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition In the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev function, then &sndev->check_link_st

  • CVE-2024-50055Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the

  • CVE-2024-50049Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fix

  • CVE-2024-50048Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection t

  • CVE-2024-50047Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt

  • CVE-2024-50041Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple

  • CVE-2024-50031Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to ha

  • CVE-2024-50028Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermal_zone_get_by_id() There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has

  • CVE-2024-50026Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr()

  • CVE-2024-50025Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flush_work initialization out of if block After commit 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue"), it can happen that a work item is sent to an uninitialized work qu

  • CVE-2024-50024Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 [#1] ... NIP [c000000000c080

  • CVE-2024-50019Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASK_P

  • CVE-2024-50008MedOct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`. With this, fix the foll

  • CVE-2024-50006MedOct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates

  • CVE-2024-50017Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the

  • CVE-2024-50014Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to

  • CVE-2024-50013Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry, 'bh' will not be released and reassigned, which will cause a memory leak.

  • CVE-2024-50009Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return in case of error. Found by Linux Verification Center (linuxtesti

  • CVE-2024-50007Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This pa

Page 12 of 24