rpm package
suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (472)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-46817 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_init. | ||
| CVE-2024-46816 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_D | ||
| CVE-2024-46815 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an | ||
| CVE-2024-46814 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN | ||
| CVE-2024-46811 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box [Why] Coverity reports OVERRUN warning. soc.num_states could be 40. But array range of bw_params->clk_table.entries is 8. [Ho | ||
| CVE-2024-46810 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Make sure the connector is fully initialized before signalling any HPD events via drm_kms_helper_hotplug_event(), otherwise t | ||
| CVE-2024-46809 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issues reported by Coverity. | ||
| CVE-2024-46807 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL | ||
| CVE-2024-46805 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL. | ||
| CVE-2024-46804 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning. Do not check if array index valid. [How] Check msg_id valid and valid array index. | ||
| CVE-2024-46802 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL | ||
| CVE-2024-46800 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_backlog() is not called to | ||
| CVE-2024-46777 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we | ||
| CVE-2024-46775 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity. | ||
| CVE-2024-46770 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL point | ||
| CVE-2024-46754 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau | ||
| CVE-2024-46719 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport r | ||
| CVE-2024-46716 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In consequence replace list_add_ | ||
| CVE-2024-46681 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpus_read_lock() in pg_net_init() I have seen the WARN_ON(smp_processor_id() != cpu) firing in pktgen_thread_worker() during tests. We must use cpus_read_lock()/cpus_read_unlock() around the for_ea | ||
| CVE-2024-46678 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xdo_dev_state_add and xdo_dev_state_delete are called inside this lock. As ipsec_lo |
- CVE-2024-46817Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_init.
- CVE-2024-46816Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_D
- CVE-2024-46815Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an
- CVE-2024-46814Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN
- CVE-2024-46811Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box [Why] Coverity reports OVERRUN warning. soc.num_states could be 40. But array range of bw_params->clk_table.entries is 8. [Ho
- CVE-2024-46810Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Make sure the connector is fully initialized before signalling any HPD events via drm_kms_helper_hotplug_event(), otherwise t
- CVE-2024-46809Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issues reported by Coverity.
- CVE-2024-46807Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL
- CVE-2024-46805Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL.
- CVE-2024-46804Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning. Do not check if array index valid. [How] Check msg_id valid and valid array index.
- CVE-2024-46802Sep 27, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL
- CVE-2024-46800Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue If netem_dequeue() enqueues packet to inner qdisc and that qdisc returns __NET_XMIT_STOLEN. The packet is dropped but qdisc_tree_reduce_backlog() is not called to
- CVE-2024-46777Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we
- CVE-2024-46775Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity.
- CVE-2024-46770Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL point
- CVE-2024-46754Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau
- CVE-2024-46719Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport r
- CVE-2024-46716Sep 18, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In consequence replace list_add_
- CVE-2024-46681Sep 13, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpus_read_lock() in pg_net_init() I have seen the WARN_ON(smp_processor_id() != cpu) firing in pktgen_thread_worker() during tests. We must use cpus_read_lock()/cpus_read_unlock() around the for_ea
- CVE-2024-46678Sep 13, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xdo_dev_state_add and xdo_dev_state_delete are called inside this lock. As ipsec_lo
Page 21 of 24