suse/kernel-livepatch-SLE15-SP6_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP6

Vulnerabilities (162)

• CVE-2024-39482MedJul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache

• CVE-2024-39481Jul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: media: mc: Fix graph walk in media_pipeline_start The graph walk tries to follow all links, even if they are not between pads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link. Fix this by all

• CVE-2024-39479Jul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon drvdata (on which hwmon depends) are device managed resources, the expectation, on device unbind, is that hwmon will be released before drvdata. However

• CVE-2024-39475Jul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefb_check_var failed The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero") checks the value of pixclock to avoid divide-by-zero error. However th

• CVE-2024-39474Jul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but it presents a conflict wit

• CVE-2024-39473Jul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the proc

• CVE-2024-39472Jul 5, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial u

• CVE-2024-39468MedJun 25, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2_find_smb_tcon() Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlock.

• CVE-2024-39276Jun 25, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cach

• CVE-2024-38659HigJun 21, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA

• CVE-2024-38598MedJun 19, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU

• CVE-2024-38558MedJun 19, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary pack

• CVE-2024-38604Jun 19, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdev_iomap_begin blkdev_iomap_begin rounds down the offset to the logical block size before stashing it in iomap->offset and checking that it still is inside the inode size. Ch

• CVE-2024-38586Jun 19, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring b

• CVE-2024-36979Jun 19, 2024
  affected < 7-150600.13.6.1fixed 7-150600.13.6.1

  In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same

• CVE-2024-36974HigJun 18, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k

• CVE-2024-36959MedMay 30, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping op

• CVE-2024-36940HigMay 30, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei

• CVE-2024-36902MedMay 30, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must a

• CVE-2024-36955May 30, 2024
  affected < 1-150600.13.3.1fixed 1-150600.13.3.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mentions this important point: " The caller is responsible for calling fwnode_handle_pu