VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (425)

  • CVE-2024-35909May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Split 64bit accesses to fix alignment issues Some of the registers are aligned on a 32bit boundary, causing alignment faults on 64bit platforms. Unable to handle kernel paging request at virt

  • CVE-2024-35907May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows

  • CVE-2024-35904May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on

  • CVE-2024-35903May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for the CALL instruction if `x86_call_depth_emit_accounting` emits code. Otherwise w

  • CVE-2024-35901May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_

  • CVE-2024-35891May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may return NULL as ptp_header due to abnormal packet type or corrupted packet. Fix th

  • CVE-2024-35889May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix kernel panic on unknown packet types In the very rare case where a packet type is unknown to the driver, idpf_rx_process_skb_fields would return early without calling eth_type_trans to set the skb pro

  • CVE-2024-35887May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25_ds_del_timer When the ax25 device is detaching, the ax25_dev_device_down() calls ax25_ds_del_timer() to cleanup the slave_timer. When the timer handler is running, t

  • CVE-2024-35885May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: stop interface during shutdown The mlxbf_gige driver intermittantly encounters a NULL pointer exception while the system is shutting down via "reboot" command. The mlxbf_driver will experience an ex

  • CVE-2024-35883May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe In function pci1xxxx_spi_probe, there is a potential null pointer that may be caused by a failed memory allocation by the function

  • CVE-2024-35879May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: of: dynamic: Synchronize of_changeset_destroy() with the devlink removals In the following sequence: 1) of_platform_depopulate() 2) of_overlay_remove() During the step 1, devices are destroyed and devlinks

  • CVE-2024-35878May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr

  • CVE-2024-35875May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host

  • CVE-2024-35872May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folio_is_secretmem() currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without

  • CVE-2024-35870May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server() The UAF bug is due to smb2_reconnect_server() accessing a session that is already being teared down by another thread that is executing __cifs_put_smb_ses(). Thi

  • CVE-2024-35869May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tco

  • CVE-2024-35868May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35867May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35864May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35863May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

Page 8 of 22