VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (425)

  • CVE-2024-56648MedDec 27, 2024
    affected < 10-150600.2.1fixed 10-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend

  • CVE-2024-53156HigDec 24, 2024
    affected < 14-150600.2.2fixed 14-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255

  • CVE-2024-53104HigKEVDec 2, 2024
    affected < 9-150600.2.1fixed 9-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

  • CVE-2024-53042MedNov 19, 2024
    affected < 14-150600.2.2fixed 14-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning [

  • CVE-2024-50302MedKEVNov 19, 2024
    affected < 10-150600.2.1fixed 10-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k

  • CVE-2024-50264HigNov 19, 2024
    affected < 6-150600.13.6.1fixed 6-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. T

  • CVE-2024-50115HigNov 5, 2024
    affected < 14-150600.2.2fixed 14-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc

  • CVE-2024-46818HigSep 27, 2024
    affected < 10-150600.2.1fixed 10-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46815HigSep 27, 2024
    affected < 10-150600.2.1fixed 10-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an

  • CVE-2024-43882HigAug 21, 2024
    affected < 14-150600.2.2fixed 14-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer

  • CVE-2024-43861MedAug 20, 2024
    affected < 5-150600.13.6.1fixed 5-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

  • CVE-2024-42159HigJul 30, 2024
    affected < 10-150600.2.1fixed 10-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed.

  • CVE-2024-42133MedJul 30, 2024
    affected < 4-150600.13.6.1fixed 4-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hci_le_big_sync_established_evt is necessary to filter out cases where the handle value is belonging to ida id range, otherwise ida will be erroneously released

  • CVE-2024-41057HigJul 29, 2024
    affected < 7-150600.13.6.1fixed 7-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() We got the following issue in our fault injection stress test: ================================================================== BUG: KASAN:

  • CVE-2024-40956HigJul 12, 2024
    affected < 9-150600.2.1fixed 9-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed

  • CVE-2024-40954HigJul 12, 2024
    affected < 3-150600.13.6.1fixed 3-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_

  • CVE-2024-40921MedJul 12, 2024
    affected < 7-150600.13.6.1fixed 7-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each caller has already correctly d

  • CVE-2024-40920HigJul 12, 2024
    affected < 7-150600.13.6.1fixed 7-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper. Switch to vlan group RCU

  • CVE-2024-40909HigJul 12, 2024
    affected < 2-150600.2.1fixed 2-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed by link->ops->dealloc_deferred, but the code still tests and uses link->ops->dealloc afterward, which lead

  • CVE-2024-36979HigJun 19, 2024
    affected < 7-150600.13.6.1fixed 7-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same

Page 1 of 22