VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (162)

  • CVE-2024-41017MedJul 29, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist.

  • CVE-2024-41014HigJul 29, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data. We can create a crafted image to

  • CVE-2024-41013HigJul 29, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to make sure don't stray beyond valid memory region. Before patching, the loop simp

  • CVE-2024-41011HigJul 18, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We re

  • CVE-2024-41006MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: netrom: Fix a memory leak in nr_heartbeat_expiry() syzbot reported a memory leak in nr_create() [0]. Commit 409db27e3a2e ("netrom: Fix use-after-free of a listening socket.") added sock_hold() to the nr_heartb

  • CVE-2024-40999MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that `first` flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A n

  • CVE-2024-40998MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() In the following concurrency we will access the uninitialized rs->lock: ext4_fill_super ext4_register_sysfs // sysfs registered

  • CVE-2024-40979MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix kernel crash during resume Currently during resume, QMI target memory is not properly handled, resulting in kernel crash in case DMA remap is not supported: BUG: Bad page state in process kwo

  • CVE-2024-40975MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Unregister devices in reverse order Not all subsystems support a device getting removed while there are still consumers of the device with a reference to the device. One exam

  • CVE-2024-40972MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking (whi

  • CVE-2024-40970MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: Avoid hw_desc array overrun in dw-axi-dmac I have a use case where nr_buffers = 3 and in which each descriptor is composed by 3 segments, resulting in the DMA channel descs_allocated to be 9. Since axi_desc_put

  • CVE-2024-40966MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: tty: add the option to have a tty reject a new ldisc ... and use it to limit the virtual terminals to just N_TTY. They are kind of special, and in particular, the "con_write()" routine violates the "writes can

  • CVE-2024-40961MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL. fib6_nh_init() ip6_validate_gw( &idev ) ip6_route_check_nh( idev ) *idev =

  • CVE-2024-40960MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL. [1] Oops: general protection fault, probably for non-canon

  • CVE-2024-40954HigJul 12, 2024
    affected < 4-150600.13.6.1fixed 4-150600.13.6.1

    In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_

  • CVE-2024-40953MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() Use {READ,WRITE}_ONCE() to access kvm->last_boosted_vcpu to ensure the loads and stores are atomic. In the extremely unlikely scenario the compil

  • CVE-2024-40948MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: mm/page_table_check: fix crash on ZONE_DEVICE Not all pages may apply to pgtable check. One example is ZONE_DEVICE pages: they map PFNs directly, and they don't allocate page_ext at all even if there's struct

  • CVE-2024-40947MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in ima_match_policy: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 PGD 42f873067 P4D 0 Oops: 0000 [#1] SMP NOPT

  • CVE-2024-40940HigJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail In case of flow rule creation fail in mlx5_lag_create_port_sel_table(), instead of previously created rules, the tainted pointer is delet

  • CVE-2024-40937MedJul 12, 2024
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags

Page 3 of 9