rpm package

suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (239)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-50140		—	< 1-150600.13.5.1	1-150600.13.5.1	Nov 7, 2024	In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function c
CVE-2024-50126		—	< 1-150600.13.5.1	1-150600.13.5.1	Nov 5, 2024	In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6
CVE-2024-50056		—	< 1-150600.13.5.1	1-150600.13.5.1	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/functio
CVE-2024-49994		—	< 1-150600.13.5.1	1-150600.13.5.1	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: ui
CVE-2024-49940		—	< 1-150600.13.5.1	1-150600.13.5.1	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: l2tp: prevent possible tunnel refcount underflow When a session is created, it sets a backpointer to its tunnel. When the session refcount drops to 0, l2tp_session_free drops the tunnel refcount if session->tun
CVE-2024-49924		—	< 1-150600.13.5.1	1-150600.13.5.1	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this pxafb_
CVE-2024-46796		—	< 1-150600.13.5.1	1-150600.13.5.1	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_set_path_size() If smb2_compound_op() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() before retrying it as the referen
CVE-2024-46782		—	< 1-150600.13.5.1	1-150600.13.5.1	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_exit_net() frees the rhashtable, then call nf_unregister_net_hooks(). It should b
CVE-2024-46736		—	< 1-150600.13.5.1	1-150600.13.5.1	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as the reference of @cfile
CVE-2024-43820		—	< 1-150600.13.5.1	1-150600.13.5.1	Aug 17, 2024	In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DM_RECOVERY_RUNNING is set: WARNING:
CVE-2024-42307		—	< 1-150600.13.5.1	1-150600.13.5.1	Aug 17, 2024	In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume
CVE-2024-41077		—	< 1-150600.13.5.1	1-150600.13.5.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: null_blk: fix validation of block size Block size should be between 512 and PAGE_SIZE and be a power of 2. The current check does not validate this, so update the check. Without this patch, null_blk would Oops
CVE-2024-41005	Med	4.7	< 1-150600.13.5.1	1-150600.13.5.1	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by in
CVE-2024-38606		—	< 1-150600.13.5.1	1-150600.13.5.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig
CVE-2023-52831		—	< 1-150600.13.5.1	1-150600.13.5.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARN_ON() whe
CVE-2024-35910	Med	5.8	< 1-150600.13.5.1	1-150600.13.5.1	May 19, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o
CVE-2024-35826		—	< 1-150600.13.5.1	1-150600.13.5.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: block: Fix page refcounts for unaligned buffers in __bio_release_pages() Fix an incorrect number of pages being released for buffers that do not start at the beginning of a page.
CVE-2024-26873		—	< 1-150600.13.5.1	1-150600.13.5.1	Apr 17, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be
CVE-2024-26634		—	< 1-150600.13.5.1	1-150600.13.5.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunde

CVE-2024-50140Nov 7, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function c
CVE-2024-50126Nov 5, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6
CVE-2024-50056Oct 21, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/functio
CVE-2024-49994Oct 21, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: ui
CVE-2024-49940Oct 21, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: l2tp: prevent possible tunnel refcount underflow When a session is created, it sets a backpointer to its tunnel. When the session refcount drops to 0, l2tp_session_free drops the tunnel refcount if session->tun
CVE-2024-49924Oct 21, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this pxafb_
CVE-2024-46796Sep 18, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_set_path_size() If smb2_compound_op() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() before retrying it as the referen
CVE-2024-46782Sep 18, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_exit_net() frees the rhashtable, then call nf_unregister_net_hooks(). It should b
CVE-2024-46736Sep 18, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as the reference of @cfile
CVE-2024-43820Aug 17, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DM_RECOVERY_RUNNING is set: WARNING:
CVE-2024-42307Aug 17, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume
CVE-2024-41077Jul 29, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix validation of block size Block size should be between 512 and PAGE_SIZE and be a power of 2. The current check does not validate this, so update the check. Without this patch, null_blk would Oops
CVE-2024-41005MedJul 12, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by in
CVE-2024-38606Jun 19, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig
CVE-2023-52831May 21, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARN_ON() whe
CVE-2024-35910MedMay 19, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o
CVE-2024-35826May 17, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: block: Fix page refcounts for unaligned buffers in __bio_release_pages() Fix an incorrect number of pages being released for buffers that do not start at the beginning of a page.
CVE-2024-26873Apr 17, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be
CVE-2024-26634Mar 18, 2024
affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunde

Page 12 of 12