rpm package
suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (425)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26844 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request wit | ||
| CVE-2024-26836 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested | ||
| CVE-2024-26832 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not inva | ||
| CVE-2024-26822 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll | ||
| CVE-2024-26816 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us | |
| CVE-2024-26815 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; // Signed value tc = nla_get_u32(tb[TCA_TAPRIO_TC_ENT | ||
| CVE-2024-26807 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c | ||
| CVE-2024-26805 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar | ||
| CVE-2024-26802 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does | ||
| CVE-2024-26793 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h | ||
| CVE-2024-26791 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou | ||
| CVE-2024-26786 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug Syzkaller reported the following WARN_ON: WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360 Call Trace: iommufd_access_change_ioas+0x2 | ||
| CVE-2024-26783 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the followi | ||
| CVE-2024-26775 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1 | ||
| CVE-2024-26774 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap | ||
| CVE-2024-26773 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a | ||
| CVE-2024-26772 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating block | ||
| CVE-2024-26769 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work in | ||
| CVE-2024-26764 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c: | ||
| CVE-2024-26761 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist |
- CVE-2024-26844Apr 17, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request wit
- CVE-2024-26836Apr 17, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested
- CVE-2024-26832Apr 17, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not inva
- CVE-2024-26822Apr 17, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us
- CVE-2024-26815Apr 10, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; // Signed value tc = nla_get_u32(tb[TCA_TAPRIO_TC_ENT
- CVE-2024-26807Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c
- CVE-2024-26805Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar
- CVE-2024-26802Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does
- CVE-2024-26793Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h
- CVE-2024-26791Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou
- CVE-2024-26786Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug Syzkaller reported the following WARN_ON: WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360 Call Trace: iommufd_access_change_ioas+0x2
- CVE-2024-26783Apr 4, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the followi
- CVE-2024-26775Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1
- CVE-2024-26774Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap
- CVE-2024-26773Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a
- CVE-2024-26772Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating block
- CVE-2024-26769Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work in
- CVE-2024-26764Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:
- CVE-2024-26761Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist
Page 19 of 22