rpm package
suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (425)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36016 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - si | ||
| CVE-2024-36015 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address this issue, index should be | ||
| CVE-2024-36014 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidp_mw_connector_reset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that | ||
| CVE-2024-36013 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but | ||
| CVE-2024-36012 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_dev() to fix the following case: [use] msft_do_close() msft = hdev->msft_data; | ||
| CVE-2024-36011 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt(). | ||
| CVE-2023-52860 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregist | ||
| CVE-2023-52846 | — | < 2-150600.2.1 | 2-150600.2.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. | ||
| CVE-2023-52772 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: fix use-after-free in unix_stream_read_actor() syzbot reported the following crash [1] After releasing unix socket lock, u->oob_skb can be changed by another thread. We must temporarily increase skb r | ||
| CVE-2023-52771 | — | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL top | ||
| CVE-2023-52752 | — | < 4-150600.13.6.1 | 4-150600.13.6.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ | ||
| CVE-2024-36007 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with | |
| CVE-2024-36006 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the | |
| CVE-2024-35997 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking | |
| CVE-2024-35990 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate locking. This fixes lockdep warnings like [ 31.077578] ------------[ cut here | |
| CVE-2024-35984 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one transfer function always being availa | |
| CVE-2024-35982 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments | |
| CVE-2024-35978 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one. | |
| CVE-2024-35973 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, t | |
| CVE-2024-35969 | Med | 5.5 | < 1-150600.13.3.7 | 1-150600.13.3.7 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it still means hlist_for_each_entry_rcu can return an item that got removed f |
- CVE-2024-36016May 29, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - si
- CVE-2024-36015May 29, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address this issue, index should be
- CVE-2024-36014May 29, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidp_mw_connector_reset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that
- CVE-2024-36013May 23, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but
- CVE-2024-36012May 23, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_dev() to fix the following case: [use] msft_do_close() msft = hdev->msft_data;
- CVE-2024-36011May 23, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref Fix potential null-ptr-deref in hci_le_big_sync_established_evt().
- CVE-2023-52860May 21, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregist
- CVE-2023-52846May 21, 2024affected < 2-150600.2.1fixed 2-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb.
- CVE-2023-52772May 21, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: af_unix: fix use-after-free in unix_stream_read_actor() syzbot reported the following crash [1] After releasing unix socket lock, u->oob_skb can be changed by another thread. We must temporarily increase skb r
- CVE-2023-52771May 21, 2024affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL top
- CVE-2023-52752May 21, 2024affected < 4-150600.13.6.1fixed 4-150600.13.6.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate locking. This fixes lockdep warnings like [ 31.077578] ------------[ cut here
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one transfer function always being availa
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, t
- affected < 1-150600.13.3.7fixed 1-150600.13.3.7
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it still means hlist_for_each_entry_rcu can return an item that got removed f
Page 4 of 22