VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (425)

  • CVE-2024-27399May 13, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be

  • CVE-2024-27398May 13, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection

  • CVE-2023-52655May 13, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T

  • CVE-2024-27393May 9, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed

  • CVE-2023-52654May 9, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_gener

  • CVE-2024-27389MedMay 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0

  • CVE-2024-27388May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.

  • CVE-2024-27080May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario

  • CVE-2024-27067May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DEBUG_SHIRQ. This might cau

  • CVE-2023-52653May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error

  • CVE-2023-52652May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntb_register_device() If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), ca

  • CVE-2024-27062May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306

  • CVE-2024-27057May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during suspend the D

  • CVE-2024-27056May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may

  • CVE-2024-27046May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po

  • CVE-2024-27036May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix writeback data corruption cifs writeback doesn't correctly handle the case where cifs_extend_writeback() hits a point where it is considering an additional folio, but this would overrun the wsize - at

  • CVE-2024-27031May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt The loop inside nfs_netfs_issue_read() currently does not disable interrupts while iterating through pages in the xarray to submit for NFS

  • CVE-2024-27030May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two C

  • CVE-2024-27029May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140.

  • CVE-2024-27028May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a che

Page 14 of 22