rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (428)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-43902		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.
CVE-2024-43900		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the mo
CVE-2024-43899		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20_resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all and then enabling fullscreen playback (
CVE-2024-43897		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_N
CVE-2024-43894		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drm_client_modeset_probe In drm_client_modeset_probe(), the return value of drm_mode_duplicate() is assigned to modeset->mode, which will lead to a possible NULL poin
CVE-2024-43892		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creat
CVE-2024-43884		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 26, 2024	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the func
CVE-2024-43883		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 23, 2024	In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak
CVE-2024-43882	Hig	7.0	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer
CVE-2024-43879	Med	5.5	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel:
CVE-2024-43871	Med	5.5	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele
CVE-2024-43881		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: change DMA direction while mapping reinjected packets For fragmented packets, ath12k reassembles each fragment as a normal packet and then reinjects it into HW ring. In this case, the DMA directio
CVE-2024-43880		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e
CVE-2024-43877		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: media: pci: ivtv: Add check for DMA map result In case DMA fails, 'dma->SG_length' is 0. This value is later used to access 'dma->SGarray[dma->SG_length - 1]', which will cause out of bounds access. Add check
CVE-2024-43876		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is
CVE-2024-43875		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we
CVE-2024-43874		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if the psp_device or the sev_d
CVE-2024-43873		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un
CVE-2024-43872		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han
CVE-2024-43867		—	< 1-150600.1.3.2	1-150600.1.3.2	Aug 20, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in

CVE-2024-43902Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.
CVE-2024-43900Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the mo
CVE-2024-43899Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20_resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all and then enabling fullscreen playback (
CVE-2024-43897Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_N
CVE-2024-43894Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drm_client_modeset_probe In drm_client_modeset_probe(), the return value of drm_mode_duplicate() is assigned to modeset->mode, which will lead to a possible NULL poin
CVE-2024-43892Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creat
CVE-2024-43884Aug 26, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the func
CVE-2024-43883Aug 23, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak
CVE-2024-43882HigAug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer
CVE-2024-43879MedAug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel:
CVE-2024-43871MedAug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele
CVE-2024-43881Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: change DMA direction while mapping reinjected packets For fragmented packets, ath12k reassembles each fragment as a normal packet and then reinjects it into HW ring. In this case, the DMA directio
CVE-2024-43880Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e
CVE-2024-43877Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: media: pci: ivtv: Add check for DMA map result In case DMA fails, 'dma->SG_length' is 0. This value is later used to access 'dma->SGarray[dma->SG_length - 1]', which will cause out of bounds access. Add check
CVE-2024-43876Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is
CVE-2024-43875Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we
CVE-2024-43874Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if the psp_device or the sev_d
CVE-2024-43873Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un
CVE-2024-43872Aug 21, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han
CVE-2024-43867Aug 20, 2024
affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in

Page 4 of 22