VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (834)

  • CVE-2024-26846Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvme_delete_ctrl a

  • CVE-2024-26845Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmr_list handling An abort that is responded to by iSCSI itself is added to tmr_list but does not go to target core. A LUN_RESET that goes through tmr_list takes a refcounter on t

  • CVE-2024-26844Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request wit

  • CVE-2024-26842Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix shift issue in ufshcd_clear_cmd() When task_tag >= 32 (in MCQ mode) and sizeof(unsigned int) == 4, 1U << task_tag will out of bounds for a u32 mask. Fix this up to prevent SHIFT_ISSUE (bitw

  • CVE-2024-26836Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested

  • CVE-2024-26832Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not inva

  • CVE-2024-26826Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it

  • CVE-2024-26822Apr 17, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll

  • CVE-2024-26816MedApr 10, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us

  • CVE-2024-26815Apr 10, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; // Signed value tc = nla_get_u32(tb[TCA_TAPRIO_TC_ENT

  • CVE-2024-26814Apr 5, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The

  • CVE-2024-26813Apr 5, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo

  • CVE-2024-26809Apr 4, 2024
    affected < 18-150600.2.1fixed 18-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the lookup table, use it to destroy the set, otherwise it is possible to destroy eleme

  • CVE-2024-26808Apr 4, 2024
    affected < 21-150600.2.2fixed 21-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic

  • CVE-2024-26807Apr 4, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c

  • CVE-2024-26805Apr 4, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar

  • CVE-2024-26802Apr 4, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does

  • CVE-2024-26793Apr 4, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h

  • CVE-2024-26791Apr 4, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou

  • CVE-2024-26786Apr 4, 2024
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug Syzkaller reported the following WARN_ON: WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360 Call Trace: iommufd_access_change_ioas+0x2

Page 38 of 42