rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (428)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41038 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length | ||
| CVE-2024-41037 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hw_params_upon_resume(). On Intel platforms with HDA DMA used to manage the link DM | ||
| CVE-2024-41036 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq: | ||
| CVE-2024-41035 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin | ||
| CVE-2024-41032 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps between set CPUs, for example SPARC. In this scenario addr_to_vb_xa() hash func | ||
| CVE-2024-41028 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is mi | ||
| CVE-2024-41025 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is | ||
| CVE-2024-41022 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" variable needs to be signed for the error handling to work. | ||
| CVE-2024-41020 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p | ||
| CVE-2024-41016 | Med | 5.5 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me | |
| CVE-2024-41015 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region. | ||
| CVE-2024-41012 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait(). However, LSMs can allow the first do_lock_file_wait | ||
| CVE-2024-41011 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re | ||
| CVE-2024-41010 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that the tcx_entry can be released too early leading to a use after free (UAF) when a | ||
| CVE-2024-41009 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer coun | ||
| CVE-2023-52886 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr | ||
| CVE-2024-41007 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1 | ||
| CVE-2023-52885 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis | ||
| CVE-2024-41004 | Med | 5.5 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and | |
| CVE-2024-41000 | Hig | 7.8 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692 |
- CVE-2024-41038Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length
- CVE-2024-41037Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hw_params_upon_resume(). On Intel platforms with HDA DMA used to manage the link DM
- CVE-2024-41036Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq:
- CVE-2024-41035Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin
- CVE-2024-41032Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps between set CPUs, for example SPARC. In this scenario addr_to_vb_xa() hash func
- CVE-2024-41028Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is mi
- CVE-2024-41025Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. This name needs to be copied to kernel for which memory is allocated. This memory is
- CVE-2024-41022Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() The "instance" variable needs to be signed for the error handling to work.
- CVE-2024-41020Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me
- CVE-2024-41015Jul 29, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region.
- CVE-2024-41012Jul 23, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntl_setlk() races with close(), it removes the created lock with do_lock_file_wait(). However, LSMs can allow the first do_lock_file_wait
- CVE-2024-41011Jul 18, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re
- CVE-2024-41010Jul 17, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that the tcx_entry can be released too early leading to a use after free (UAF) when a
- CVE-2024-41009Jul 17, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf The BPF ring buffer internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters: consumer_pos is the consumer coun
- CVE-2023-52886Jul 16, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr
- CVE-2024-41007Jul 15, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1
- CVE-2023-52885Jul 14, 2024affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692
Page 15 of 22