VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (425)

  • CVE-2024-27001May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some things can fall through the cracks. Depending on the hardware model, URBs can have either bulk or in

  • CVE-2024-27000May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the B

  • CVE-2024-26999May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're

  • CVE-2024-26997May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow.

  • CVE-2024-26996May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t

  • CVE-2024-26995May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Correct the PDO counting in pd_set Off-by-one errors happen because nr_snk_pdo and nr_src_pdo are incorrectly added one. The index of the loop is equal to the number of PDOs to be updated when

  • CVE-2024-26994May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters), we have to stop before the length of the word buffer.

  • CVE-2024-26992May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architecturally broken without an obvious/easy path forward, and because exposing adaptive

  • CVE-2024-26991May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes Fix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger KASAN splat, as seen in the private_mem_conversions_test selftest

  • CVE-2024-26990May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvm_mmu_page_ad_need_write_protect() when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU

  • CVE-2024-26989May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access MEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI when boot

  • CVE-2024-26986May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in create_process failure Fix memory leak due to a leaked mmget reference on an error handling code path that is triggered when attempting to create KFD processes while a GPU reset i

  • CVE-2024-26984May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad

  • CVE-2024-26983May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: bootconfig: use memblock_free_late to free xbc memory to buddy On the time to free xbc memory in xbc_exit(), memblock may has handed over memory to buddy allocator. So it doesn't make sense to free memory back

  • CVE-2024-26981May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfs_set_de_type The size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is defined as "S_IFMT >> S_SHIFT", but the nilfs_set_de_type() function, which uses this array, specifie

  • CVE-2024-26978May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: serial: max310x: fix NULL pointer dereference in I2C instantiation When trying to instantiate a max14830 device from userspace: echo max14830 0x60 > /sys/bus/i2c/devices/i2c-2/new_device we get the follow

  • CVE-2024-26964May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the follo

  • CVE-2024-26963May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing a

  • CVE-2024-26962May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape position will wait for reshape to make progress. Howev

  • CVE-2024-26957May 1, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcrypt_card. The

Page 16 of 22