rpm package
suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (472)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50183 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release | ||
| CVE-2024-50182 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map(). This is the case for example on some arm64 configurations, where marking 4k | ||
| CVE-2024-50180 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the | ||
| CVE-2024-50179 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it g | ||
| CVE-2024-50153 | Med | 5.5 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod] ... kasan_rep | |
| CVE-2024-50150 | Hig | 7.8 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent an | |
| CVE-2024-50148 | Med | 5.5 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G | |
| CVE-2024-50171 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it. | ||
| CVE-2024-50167 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in be_xmit() The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it. | ||
| CVE-2024-50160 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs8409: Fix possible NULL dereference If snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then NULL pointer dereference will occur in the next line. Since dolphin_fixups function is a | ||
| CVE-2024-50156 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() If the allocation in msm_disp_state_dump_regs() failed then `block->state` can be NULL. The msm_disp_state_print_regs() function _does_ have code t | ||
| CVE-2024-50155 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: netdevsim: use cond_resched() in nsim_dev_trap_report_work() I am still seeing many syzbot reports hinting that syzbot might fool nsim_dev_trap_report_work() with hundreds of ports [1] Lets use cond_resched(), | ||
| CVE-2024-50154 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc | ||
| CVE-2024-50147 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. In additio | ||
| CVE-2024-50146 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not c | ||
| CVE-2024-50141 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is f | ||
| CVE-2024-50134 | Med | 5.5 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write | |
| CVE-2024-50131 | Hig | 7.8 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no | |
| CVE-2024-50127 | Hig | 7.8 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre | |
| CVE-2024-50095 | Med | 5.5 | < 1-150500.11.5.1 | 1-150500.11.5.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. |
- CVE-2024-50183Nov 8, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release
- CVE-2024-50182Nov 8, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map(). This is the case for example on some arm64 configurations, where marking 4k
- CVE-2024-50180Nov 8, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the
- CVE-2024-50179Nov 8, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it g
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod] ... kasan_rep
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent an
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G
- CVE-2024-50171Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it.
- CVE-2024-50167Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in be_xmit() The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.
- CVE-2024-50160Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs8409: Fix possible NULL dereference If snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then NULL pointer dereference will occur in the next line. Since dolphin_fixups function is a
- CVE-2024-50156Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() If the allocation in msm_disp_state_dump_regs() failed then `block->state` can be NULL. The msm_disp_state_print_regs() function _does_ have code t
- CVE-2024-50155Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: netdevsim: use cond_resched() in nsim_dev_trap_report_work() I am still seeing many syzbot reports hinting that syzbot might fool nsim_dev_trap_report_work() with hundreds of ports [1] Lets use cond_resched(),
- CVE-2024-50154Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc
- CVE-2024-50147Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. In additio
- CVE-2024-50146Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not c
- CVE-2024-50141Nov 7, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is f
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre
- affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no.
Page 6 of 24