VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (425)

  • CVE-2024-35862May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35861May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35860May 19, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpf_link dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for mu

  • CVE-2024-35849HigMay 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/

  • CVE-2024-35845CriMay 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.

  • CVE-2024-35854May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is

  • CVE-2024-35852May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that t

  • CVE-2024-35851May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev suspend Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is NULL. Add the missing sanity

  • CVE-2024-35850May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev setup Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is NULL. Add the missing sanity ch

  • CVE-2024-35847May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after successfully allocating at least one interrupt. This h

  • CVE-2024-35842May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a `normal_link` (a non-SOF, direct link) string, and this is the case for So

  • CVE-2024-35841May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in __sk_msg_free A splice with MSG_SPLICE_PAGES will cause tls code to use the tls_sw_sendmsg_splice path in the TLS sendmsg code to move the user provided pages from the msg into the msg

  • CVE-2023-52698May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass() If IPv6 support is disabled at boot (ipv6.disable=1), the calipso_init() -> netlbl_calipso_ops_register() function isn't called, and the netlbl_calipso_ops_

  • CVE-2023-52697May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "r

  • CVE-2023-52696May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2023-52695May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check writeback connectors in create_validate_stream_for_sink [WHY & HOW] This is to check connector type to avoid unhandled null pointer for writeback connectors.

  • CVE-2023-52694May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function With tpd12s015_remove() marked with __exit this function is discarded when the driver is compiled as a built-in. The result is that when t

  • CVE-2023-52693May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpi_get_parent() called in acpi_video_dev_register_backlight() fails, for example, because acpi_ut_acquire_mutex() fails inside acpi_

  • CVE-2023-52692May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it fails rather than continuing w

  • CVE-2023-52691May 17, 2024
    affected < 1-150600.13.3.7fixed 1-150600.13.3.7

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. Howev

Page 9 of 22