VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (834)

  • CVE-2024-35989MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CP

  • CVE-2024-35986MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The power_supply frame-work is not really designed for there to be long living in kernel references to power_supply devices. Specific

  • CVE-2024-35984MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one transfer function always being availa

  • CVE-2024-35982MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments

  • CVE-2024-35981MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: Do not send RSS key if it is not supported There is a bug when setting the RSS options in virtio_net that can break the whole machine, getting the kernel into an infinite loop. Running the followin

  • CVE-2024-35979HigMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will be issued to underlying disks, however, in raid1_write_request(), r1_bio->bios[] will set

  • CVE-2024-35978MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.

  • CVE-2024-35977MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). This can trigger a NULL pointer deref

  • CVE-2024-35976MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING syzbot reported an illegal copy in xsk_setsockopt() [1] Make sure to validate setsockopt() @optlen parameter. [1] BUG: KASAN: slab-out-of-bounds

  • CVE-2024-35975MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which added support for Round ro

  • CVE-2024-35974MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q->blkg_list when calling blkcg_init_

  • CVE-2024-35973MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, t

  • CVE-2024-35972MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix

  • CVE-2024-35971MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851_irq() thread may call ks8851_rx_pkts() in case there are any packets in the MAC FIFO, which calls netif_rx(). This netif_rx() impleme

  • CVE-2024-35970MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u->oob_skb. syzkaller started to report deadlock of unix_gc_lock after commit 4090fa373f0e ("af_unix: Replace garbage collection algorithm."), but it just uncovers the bug that has been the

  • CVE-2024-35969MedMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it still means hlist_for_each_entry_rcu can return an item that got removed f

  • CVE-2024-35967HigMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset inc

  • CVE-2024-35966HigMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfcomm_sock_setsockopt_old() is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_

  • CVE-2024-35965HigMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data.

  • CVE-2024-35964HigMay 20, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data.

Page 22 of 42