rpm package
suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (425)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36921 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would result in out-of-bounds array accesses. This prevents issues should the drive | ||
| CVE-2024-36918 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Check bloom filter map value size This patch adds a missing check to bloom filter creating, rejecting values above KMALLOC_MAX_SIZE. This brings the bloom map in line with many other map types. The lack o | ||
| CVE-2024-36906 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: [ 33.452494] ================================================================== [ 33.453513] BUG: KASAN: stack-out-of-bounds in refres | ||
| CVE-2024-36897 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info whil | ||
| CVE-2024-36896 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_store(): usb_hub_to_struct_hub() can return NULL if the hub that the port belongs to | ||
| CVE-2024-36895 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb ("usb: gadget: uvc: Generalise helper functions for reuse") i | ||
| CVE-2024-36893 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->partner is set to the err | ||
| CVE-2024-36891 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if the maple state is MA_START, but mas_start() may return with the maple state node | ||
| CVE-2024-36890 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *l | ||
| CVE-2024-36880 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer. | ||
| CVE-2024-36032 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply | ||
| CVE-2023-52882 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to syste | ||
| CVE-2024-36030 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem() Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c:line 2184, column 2 Attempt to free released memory. npc_mca | ||
| CVE-2024-36029 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device and uses host->runtime_suspended flag to protect access to it. The sdhci-msm driver doesn't set this flag, which ca | ||
| CVE-2024-36020 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using t | |
| CVE-2024-36026 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before send | ||
| CVE-2024-36025 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to preven | ||
| CVE-2024-36021 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, | ||
| CVE-2024-36019 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcache_maple_drop() When keeping the upper end of a cache block entry, the entry[] array must be indexed by the offset from the base register of the block, i.e. max - ma | ||
| CVE-2024-36018 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau/uvmm: fix addr/range calcs for remap operations dEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8 was causing a remap operation like the below. op_remap: prev: 0000003fffed0000 00000000000f |
- CVE-2024-36921May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would result in out-of-bounds array accesses. This prevents issues should the drive
- CVE-2024-36918May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: bpf: Check bloom filter map value size This patch adds a missing check to bloom filter creating, rejecting values above KMALLOC_MAX_SIZE. This brings the bloom map in line with many other map types. The lack o
- CVE-2024-36906May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: [ 33.452494] ================================================================== [ 33.453513] BUG: KASAN: stack-out-of-bounds in refres
- CVE-2024-36897May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info whil
- CVE-2024-36896May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_store(): usb_hub_to_struct_hub() can return NULL if the hub that the port belongs to
- CVE-2024-36895May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb ("usb: gadget: uvc: Generalise helper functions for reuse") i
- CVE-2024-36893May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->partner is set to the err
- CVE-2024-36891May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if the maple state is MA_START, but mas_start() may return with the maple state node
- CVE-2024-36890May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *l
- CVE-2024-36880May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer.
- CVE-2024-36032May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply
- CVE-2023-52882May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to syste
- CVE-2024-36030May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem() Clang static checker(scan-build) warning: drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c:line 2184, column 2 Attempt to free released memory. npc_mca
- CVE-2024-36029May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device and uses host->runtime_suspended flag to protect access to it. The sdhci-msm driver doesn't set this flag, which ca
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using t
- CVE-2024-36026May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before send
- CVE-2024-36025May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to preven
- CVE-2024-36021May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So,
- CVE-2024-36019May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcache_maple_drop() When keeping the upper end of a cache block entry, the entry[] array must be indexed by the offset from the base register of the block, i.e. max - ma
- CVE-2024-36018May 30, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: nouveau/uvmm: fix addr/range calcs for remap operations dEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8 was causing a remap operation like the below. op_remap: prev: 0000003fffed0000 00000000000f
Page 3 of 22