VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (460)

  • CVE-2024-42269Aug 17, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). ip6table_nat_table_init() accesses net->gen->ptr[ip6table_nat_net_ops.id], but the function is exposed to user space before the en

  • CVE-2024-42268Aug 17, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlink_remote_

  • CVE-2024-42259MedAug 14, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping o

  • CVE-2024-42253Aug 8, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_irq_bus_sync_unlock() in order to avoid races. The other (non-probe) call sit

  • CVE-2024-42250Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be

  • CVE-2024-42247Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swap_endian() tries to load a 128-bit IPv6 address from an unaligned memory locati

  • CVE-2024-42246Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket When using a BPF program on kernel_connect(), the call can return -EPERM. This causes xs_tcp_setup_socket() to loop forever, filling

  • CVE-2024-42245Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.max_loop if

  • CVE-2024-42244Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 ("USB: serial: use generic method if no alternative is provided in usb serial layer"), USB serial core calls the generic resume implementation

  • CVE-2024-42241Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB ca

  • CVE-2024-42240Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entry_SYSENTER_compat() uses CLEAR_BRANCH_HISTORY and calls the clear

  • CVE-2024-42239Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpf_timer_cancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpf_timer_cancel(timer2); bpf_timer_cancel(timer1); Both bpf_timer_cancel calls would wait for the other ca

  • CVE-2024-42238Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file Return an error from cs_dsp_power_up() if a block header is longer than the amount of data left in the file. The previous code in cs_dsp_load() and

  • CVE-2024-42237Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed. The check that the length of a

  • CVE-2024-42236Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form `if (str

  • CVE-2024-42232Aug 7, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can re

  • CVE-2024-42114MedJul 30, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values syzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM to 2^31. We had a similar issue in sch_fq, fixed with commit d9e15a273306 ("pkt_

  • CVE-2024-42230Jul 30, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv i

  • CVE-2024-42229Jul 30, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish t

  • CVE-2024-42228Jul 30, 2024
    affected < 1-150600.13.3.3fixed 1-150600.13.3.3

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001. V2: To really improve the handling we would actually

Page 10 of 23