rpm package
suse/kernel-livepatch-SLE15-SP6_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (162)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36951 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: range check cp bad op exception interrupts Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. U | ||
| CVE-2024-36950 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a | ||
| CVE-2024-36949 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all d | ||
| CVE-2024-36947 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thi | ||
| CVE-2024-36946 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtm_phonet_notify() skb allocation fill_route() stores three components in the skb: - struct rtmsg - RTA_DST (u8) - RTA_OIF (u32) Therefore, rtm_phonet_notify() should use NLMSG_ALIGN(sizeof(stru | ||
| CVE-2024-36944 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunate | ||
| CVE-2024-36941 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. | ||
| CVE-2024-36930 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync If spi_sync() is called with the non-empty queue and the same spi_message is then reused, the complete callback for the message remains set while the context is | ||
| CVE-2024-36922 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim | ||
| CVE-2024-36914 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does n | ||
| CVE-2024-36913 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned | ||
| CVE-2024-36912 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and t | ||
| CVE-2024-36911 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory | ||
| CVE-2024-36910 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting m | ||
| CVE-2024-36909 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error i | ||
| CVE-2024-36901 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev just fine, but not here. | ||
| CVE-2024-36889 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptc | ||
| CVE-2023-52775 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. | ||
| CVE-2023-52752 | — | < 4-150600.13.6.1 | 4-150600.13.6.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ | ||
| CVE-2023-52751 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound() The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options 'multichannel,max_ |
- CVE-2024-36951May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: range check cp bad op exception interrupts Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. U
- CVE-2024-36950May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a
- CVE-2024-36949May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all d
- CVE-2024-36947May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thi
- CVE-2024-36946May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtm_phonet_notify() skb allocation fill_route() stores three components in the skb: - struct rtmsg - RTA_DST (u8) - RTA_OIF (u32) Therefore, rtm_phonet_notify() should use NLMSG_ALIGN(sizeof(stru
- CVE-2024-36944May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunate
- CVE-2024-36941May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here.
- CVE-2024-36930May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync If spi_sync() is called with the non-empty queue and the same spi_message is then reused, the complete callback for the message remains set while the context is
- CVE-2024-36922May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim
- CVE-2024-36914May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does n
- CVE-2024-36913May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned
- CVE-2024-36912May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and t
- CVE-2024-36911May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory
- CVE-2024-36910May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting m
- CVE-2024-36909May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error i
- CVE-2024-36901May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev just fine, but not here.
- CVE-2024-36889May 30, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptc
- CVE-2023-52775May 21, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below.
- CVE-2023-52752May 21, 2024affected < 4-150600.13.6.1fixed 4-150600.13.6.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @
- CVE-2023-52751May 21, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound() The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options 'multichannel,max_
Page 6 of 9