VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (428)

  • CVE-2024-50127HigNov 5, 2024
    affected < 12-150600.2.1fixed 12-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre

  • CVE-2024-50125Nov 5, 2024
    affected < 12-150600.2.1fixed 12-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.

  • CVE-2024-50124Nov 5, 2024
    affected < 12-150600.2.1fixed 12-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.

  • CVE-2024-49860Oct 21, 2024
    affected < 17-150600.2.2fixed 17-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory.

  • CVE-2024-47684MedOct 21, 2024
    affected < 4-150600.2.1fixed 4-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r

  • CVE-2024-46818Sep 27, 2024
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46815Sep 27, 2024
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an

  • CVE-2024-45016MedSep 11, 2024
    affected < 4-150600.2.1fixed 4-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.

  • CVE-2024-44939Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry [syzbot reported] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000

  • CVE-2024-44938Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop direc

  • CVE-2024-43902MedAug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.

  • CVE-2024-43893MedAug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baud_base can result in uartclk being zero, which will result in a divide by zero error in uart_get_divisor

  • CVE-2024-43889MedAug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. [ 10.017908] Oops: divide error: 0000 1 PREEMPT SMP NOPT

  • CVE-2024-44931Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an of

  • CVE-2024-43912Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels is

  • CVE-2024-43911Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamically allocated. They don't point to vif->bss_conf. So, there will be no chanreq ass

  • CVE-2024-43909Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table.

  • CVE-2024-43908Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it

  • CVE-2024-43907Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference

  • CVE-2024-43906Aug 26, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it

Page 3 of 22