VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_0&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (62)

  • CVE-2024-50257Nov 9, 2024
    affected < 18-150600.4.46.1fixed 18-150600.4.46.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80 Modules linked in: ip

  • CVE-2024-50250Nov 9, 2024
    affected < 19-150600.4.49.1fixed 19-150600.4.49.1

    In the Linux kernel, the following vulnerability has been resolved: fsdax: dax_unshare_iter needs to copy entire blocks The code that copies data from srcmap to iomap in dax_unshare_iter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len p

  • CVE-2024-50208Nov 8, 2024
    affected < 19-150600.4.49.1fixed 19-150600.4.49.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (co

  • CVE-2024-50127HigNov 5, 2024
    affected < 18-150600.4.46.1fixed 18-150600.4.46.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre

  • CVE-2024-50125Nov 5, 2024
    affected < 18-150600.4.46.1fixed 18-150600.4.46.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.

  • CVE-2024-50124Nov 5, 2024
    affected < 18-150600.4.46.1fixed 18-150600.4.46.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.

  • CVE-2024-46818Sep 27, 2024
    affected < 12-150600.4.28.1fixed 12-150600.4.28.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46815Sep 27, 2024
    affected < 12-150600.4.28.1fixed 12-150600.4.28.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an

  • CVE-2024-43861Aug 20, 2024
    affected < 7-150600.4.13.1fixed 7-150600.4.13.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

  • CVE-2024-42232Aug 7, 2024
    affected < 19-150600.4.49.1fixed 19-150600.4.49.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can re

  • CVE-2024-42159Jul 30, 2024
    affected < 12-150600.4.28.1fixed 12-150600.4.28.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed.

  • CVE-2024-42133Jul 30, 2024
    affected < 6-150600.4.10.1fixed 6-150600.4.10.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hci_le_big_sync_established_evt is necessary to filter out cases where the handle value is belonging to ida id range, otherwise ida will be erroneously released

  • CVE-2024-41057Jul 29, 2024
    affected < 9-150600.4.19.1fixed 9-150600.4.19.1

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN:

  • CVE-2024-41090Jul 29, 2024
    affected < 14-150600.4.34.1fixed 14-150600.4.34.1

    In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent downstack. Ev

  • CVE-2024-40956Jul 12, 2024
    affected < 11-150600.4.25.1fixed 11-150600.4.25.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed

  • CVE-2024-40954Jul 12, 2024
    affected < 5-150600.1.1fixed 5-150600.1.1

    In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_

  • CVE-2024-40937Jul 12, 2024
    affected < 18-150600.4.46.1fixed 18-150600.4.46.1

    In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags

  • CVE-2024-40921Jul 12, 2024
    affected < 9-150600.4.19.1fixed 9-150600.4.19.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each caller has already correctly d

  • CVE-2024-40920Jul 12, 2024
    affected < 9-150600.4.19.1fixed 9-150600.4.19.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper. Switch to vlan group RCU

  • CVE-2024-36979Jun 19, 2024
    affected < 9-150600.4.19.1fixed 9-150600.4.19.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same