VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (315)

  • CVE-2024-38550MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ASoC: kirkwood: Fix potential NULL dereference In kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if CONFIG_PLAT_ORION macro is not defined. Fix this bug by adding NULL check. Found by Linux Verifica

  • CVE-2024-38549MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace appl

  • CVE-2024-38548MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdns_mhdp_atomic_enable(), the return value of drm_mode_duplicate() is assigned to mhdp_state->current_mode, and there is a dereference of it

  • CVE-2024-38547MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries The allocation failure of mycs->yuv_scaler_binary in load_video_binaries() is followed with a dereference of mycs->yuv_scaler_binar

  • CVE-2024-38546MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm: vc4: Fix possible null pointer dereference In vc4_hdmi_audio_init() of_get_address() may return NULL which is later dereferenced. Fix this bug by adding NULL check. Found by Linux Verification Center (lin

  • CVE-2024-38545HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xa_loc

  • CVE-2024-38544MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkts queue and then a decision is made whether to run the completer task inline or s

  • CVE-2024-38543MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if the physical memory has run out. As a result, if src_pfns or dst_pfns is derefe

  • CVE-2024-38541CriJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not

  • CVE-2024-38540MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Undefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called with hwq_attr->aux_depth != 0 and hwq_attr->aux_stride == 0. In that

  • CVE-2024-38539MedJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (memp

  • CVE-2024-36979HigJun 19, 2024
    affected < 7-150600.13.6.1fixed 7-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same

  • CVE-2024-36978HigJun 19, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw

  • CVE-2024-36977MedJun 18, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3_usb3 >= 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because

  • CVE-2024-36975MedJun 18, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2.

  • CVE-2024-36974HigJun 18, 2024
    affected < 9-150600.2.1fixed 9-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k

  • CVE-2024-36973HigJun 17, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_r

  • CVE-2024-36972HigJun 10, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Billy Jheng Bing-Jhong reported a race between __unix_gc() and queue_oob(). __unix_gc() tries to garbage-collect close()d inflight sockets, and

  • CVE-2024-36971HigKEVJun 10, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca

  • CVE-2024-36969MedJun 8, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves

Page 7 of 16