VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (315)

  • CVE-2024-38603MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() pci_alloc_irq_vectors() allocates an irq vector. When devm_add_action() fails, the irq vector is not freed, which leads to a memory leak. Repla

  • CVE-2024-38602MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The

  • CVE-2024-38601MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new pag

  • CVE-2024-38600MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, call callbacks and do sync for card->power_ref_sleep waiters at the end. The callb

  • CVE-2024-38599HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the x

  • CVE-2024-38597MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398) WARNING: CPU:

  • CVE-2024-38595MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix peer devlink set for SF representor devlink port The cited patch change register devlink flow, and neglect to reflect the changes for peer devlink set logic. Peer devlink set is triggering a call

  • CVE-2024-38594MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To addre

  • CVE-2024-38592MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init `ddp_comp` with devm_kcalloc() In the case where `conn_routes` is true we allocate an extra slot in the `ddp_comp` array but mtk_drm_crtc_create() never seemed to initialize it in the test ca

  • CVE-2024-38591MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix deadlock on SRQ async events. xa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/ xa_erase_irq() to avoid deadlock.

  • CVE-2024-38590MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdev_err() to ibdev_err_ratelimited(), and change the printing level of cqe dump to debug level.

  • CVE-2024-38588HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix possible use-after-free issue in ftrace_location() KASAN reports a bug: BUG: KASAN: use-after-free in ftrace_location+0x90/0x120 Read of size 8 at addr ffff888141d40010 by task insmod/424 CPU

  • CVE-2024-38587MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs ARRAY_SIZE() bug The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can the still got o

  • CVE-2024-38583HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series "nilfs2: fix log writer related issues". This bug fix series covers three nilfs2 log writer-related issues, including a timer use-after-fr

  • CVE-2024-38582MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfs_detach_log_writer() Syzbot has reported a potential hang in nilfs_detach_log_writer() called during nilfs2 unmount. Analysis revealed that this is because nilfs_segctor_sync

  • CVE-2024-38581HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the ramdom use-after-free issue. v2: move to amdgpu_mes.c

  • CVE-2024-38580MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfs_poll() with a file pointer that may race with the last 'fput()'. That would make f_count go down to zero, and while the ep->mtx locking means that

  • CVE-2024-38579MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key

  • CVE-2024-38578HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for t

  • CVE-2024-38575MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. As a result, if we use get_random_bytes() to generate

Page 5 of 16