rpm package
suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (425)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26760 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree(). | ||
| CVE-2024-26742 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs t | ||
| CVE-2024-26740 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run | ||
| CVE-2024-26739 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod | ||
| CVE-2024-26737 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_and_free and bpf_timer_cancel. It will lead a UAF on the timer->timer. bpf_timer_c | ||
| CVE-2024-26733 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr | ||
| CVE-2024-26731 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000 | ||
| CVE-2023-52641 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() It is preferable to exit through the out: label because internal debugging functions are located there. | ||
| CVE-2023-52640 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea. | ||
| CVE-2024-26726 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start | ||
| CVE-2024-26714 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of | ||
| CVE-2024-26704 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat | ||
| CVE-2024-26692 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value wh | ||
| CVE-2024-26685 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in end_buffer_async_write According to a syzbot report, end_buffer_async_write(), which handles the completion of block device writes, may detect abnormal condition of the buffer async | ||
| CVE-2024-26684 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 ("net: stmmac: Implement Safety Features in XGMAC core") checks and reports safety errors, but leaves the Data Path Pari | ||
| CVE-2024-26679 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet: read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN warning. | ||
| CVE-2024-26674 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6. | ||
| CVE-2024-26673 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a | ||
| CVE-2024-26671 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_ | ||
| CVE-2023-52635 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from |
- CVE-2024-26760Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree().
- CVE-2024-26742Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs t
- CVE-2024-26740Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run
- CVE-2024-26739Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod
- CVE-2024-26737Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_and_free and bpf_timer_cancel. It will lead a UAF on the timer->timer. bpf_timer_c
- CVE-2024-26733Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr
- CVE-2024-26731Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000
- CVE-2023-52641Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() It is preferable to exit through the out: label because internal debugging functions are located there.
- CVE-2023-52640Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea.
- CVE-2024-26726Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start
- CVE-2024-26714Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of
- CVE-2024-26704Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat
- CVE-2024-26692Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value wh
- CVE-2024-26685Apr 3, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in end_buffer_async_write According to a syzbot report, end_buffer_async_write(), which handles the completion of block device writes, may detect abnormal condition of the buffer async
- CVE-2024-26684Apr 2, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 ("net: stmmac: Implement Safety Features in XGMAC core") checks and reports safety errors, but leaves the Data Path Pari
- CVE-2024-26679Apr 2, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: inet: read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN warning.
- CVE-2024-26674Apr 2, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.
- CVE-2024-26673Apr 2, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a
- CVE-2024-26671Apr 2, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_
- CVE-2023-52635Apr 2, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from
Page 20 of 22