VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (268)

  • CVE-2024-50098Nov 5, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEV_QUIESCE was set for all LU's scsi_devices by UFS shutdown, and at

  • CVE-2024-50096Nov 5, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The `nouveau_dmem_copy_one` function ensures that the copy push command is sent to the device firmware but does not track whether it was execute

  • CVE-2024-50093Nov 5, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to enable a PCI device, which means the device will be automatically disabled on drive

  • CVE-2023-52920MedNov 5, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction (jump) history to record instructions that performed register spill/fill to/from stack, regardless if this was done t

  • CVE-2024-50088Oct 29, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free in add_inode_ref() The add_inode_ref() function does not initialize the "name" struct when it is declared. If any of the following calls to "read_one_inode() returns NULL,

  • CVE-2024-50087Oct 29, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free on read_alloc_one_name() error The function read_alloc_one_name() does not initialize the name field of the passed fscrypt_str struct if kmalloc fails to allocate the corre

  • CVE-2024-50084Oct 29, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() Commit a3c1e45156ad ("net: microchip: vcap: Fix use-after-free error in kunit test") fixed the use-after-free error, but introduced belo

  • CVE-2024-50082Oct 29, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 #PF: su

  • CVE-2024-50081Oct 29, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue ->tag_set before initializing hctx Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped to specified hctx") needs to check queue mapping via tag set in hctx's cpuhp han

  • CVE-2024-50080Oct 29, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ublk: don't allow user copy for unprivileged device UBLK_F_USER_COPY requires userspace to call write() on ublk char device for filling request buffer, and unprivileged device can't be trusted. So don't allow

  • CVE-2024-50067Oct 28, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, array

  • CVE-2024-50026Oct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr()

  • CVE-2024-50015MedOct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by use

  • CVE-2024-50006MedOct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates

  • CVE-2024-50014Oct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to

  • CVE-2024-50012Oct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parse_perf_domain function, if the call to of_parse_phandle_with_args returns an error, then the reference to the CPU device node that was acquired at the

  • CVE-2024-50009Oct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return in case of error. Found by Linux Verification Center (linuxtesti

  • CVE-2024-50004Oct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 [WHY & HOW] Mismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause grey screen and system h

  • CVE-2024-50003Oct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix system hang while resume with TBT monitor [Why] Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during t

  • CVE-2024-49952MedOct 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write per-cpu variable nf_skb_duplicated in an unsafe way [1]. Disabling preemption as hinted b

Page 10 of 14