VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (265)

  • CVE-2024-56568Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs due to a race between smmu driver probe and client driver probe, when of_dma_configure() for client is called after

  • CVE-2024-56558Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to

  • CVE-2024-56548Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like

  • CVE-2024-56546Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() If we fail to allocate memory for cb_data by kmalloc, the memory allocation for eve_data is never freed, add the missing kfree() in the e

  • CVE-2024-56543Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core hal

  • CVE-2024-56538Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace access

  • CVE-2024-56533Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but thi

  • CVE-2024-56532Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but th

  • CVE-2024-56531Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but thi

  • CVE-2024-53239Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as

  • CVE-2024-53236Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for transmitting an xsk descriptor, i.e., for every non-multibuf descriptor or the first frag of a multibuf descriptor, but the des

  • CVE-2024-53233Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8_load() error path utf8_load() requests the symbol "utf8_data_table" and then checks if the requested UTF-8 version is supported. If it's unsupported, it tries to put the data table using symbo

  • CVE-2024-53232Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug __iommu_group_set_domain_nofail() attaching the default domain fa

  • CVE-2024-53231Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() cpufreq_cpu_get_raw() may return NULL if the cpu is not in policy->cpus cpu mask and it will cause null pointer dereference.

  • CVE-2024-53230Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() cpufreq_cpu_get_raw() may return NULL if the cpu is not in policy->cpus cpu mask and it will cause null pointer dereference, so check NULL for

  • CVE-2024-53227Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dump_s

  • CVE-2024-53203Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via debugfs. The worry is that if con_index is zero then "&uc->ucsi->connector[con_inde

  • CVE-2024-53198Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() This patch fixes an issue in the function xenbus_dev_probe(). In the xenbus_dev_probe() function, within the if (err) branch at l

  • CVE-2024-53197KEVDec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

  • CVE-2024-53196Dec 27, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI. Nevertheless, it's clear that this plumbing has seen lim

Page 12 of 14