VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (315)

  • CVE-2024-36900MedMay 30, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, pr

  • CVE-2024-36899HigMay 30, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed

  • CVE-2024-36887MedMay 30, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: e1000e: change usleep_range to udelay in PHY mdic access This is a partial revert of commit 6dbdd4de0362 ("e1000e: Workaround for sporadic MDI error on Meteor Lake systems"). The referenced commit used usleep_r

  • CVE-2024-36882MedMay 30, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order() See commit f2c817bed58d ("mm: use memalloc_nofs_save in readahead path"), ensure that page_cache_ra_order() do not attempt to reclaim file-backed pages too,

  • CVE-2024-36024MedMay 30, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the tran

  • CVE-2024-36017MedMay 30, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least o

  • CVE-2023-52881MedMay 29, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The

  • CVE-2023-52880MedMay 24, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM

  • CVE-2024-36010MedMay 22, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igb_set_fw_version Commit 1978d3ead82c ("intel: fix string truncation warnings") fixes '-Wformat-truncation=' warnings in igb_main.c by using kasprintf. drivers/net/ether

  • CVE-2023-52879MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: tracing: Have trace_event_file have ref counters The following can crash the kernel: # cd /sys/kernel/tracing # echo 'p:sched schedule' > kprobe_events # exec 5>>events/kprobes/sched/enable # > kprobe_even

  • CVE-2023-52878MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a

  • CVE-2023-52877MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on failure. When port->partner is an error, a NULL pointer dereference may occur as

  • CVE-2023-52876MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.

  • CVE-2023-52875MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.

  • CVE-2023-52874MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be clea

  • CVE-2023-52873MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.

  • CVE-2023-52872MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix race condition in status line change on dead connections gsm_cleanup_mux() cleans up the gsm by closing all DLCIs, stopping all timers, removing the virtual tty devices and clearing the data que

  • CVE-2023-52871MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption Usually there is only one llcc device. But if there were a second, even a failed probe call would modify the global drv_data pointer. So check if

  • CVE-2023-52870MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.

  • CVE-2023-52869MedMay 21, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: pstore/platform: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.

Page 9 of 16