rpm package
suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (460)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42227 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dml_core_mode_programming [WHY] &mode_lib->mp.Watermark and &locals->Watermark are the same address. memcpy may lead to unexpected behavior. [HOW] memmove should be | ||
| CVE-2024-42225 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data | ||
| CVE-2024-42224 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 ("net: dsa: mv88e6xxx: Support multiple MDIO busses") mv88e6xxx_default_mdio_bus() has checked that the return value of list_first_ent | ||
| CVE-2024-42223 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations. | ||
| CVE-2024-42162 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid acces | ||
| CVE-2024-42161 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the BPF_CRE_RE | ||
| CVE-2024-42159 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed. | ||
| CVE-2024-42158 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_ | ||
| CVE-2024-42157 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copy_to_user() fails. | ||
| CVE-2024-42156 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key. | ||
| CVE-2024-42155 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copi | ||
| CVE-2024-42153 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr When del_timer_sync() is called in an interrupt context it throws a warning because of potential deadlock. The timer is used only to ex | ||
| CVE-2024-42152 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler | ||
| CVE-2024-42148 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equ | ||
| CVE-2024-42147 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/debugfs - Fix debugfs uninit process issue During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also r | ||
| CVE-2024-42145 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra | ||
| CVE-2024-42144 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data Verify that lvts_data is not NULL before using it. | ||
| CVE-2024-42142 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses | ||
| CVE-2024-42141 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Check socket flag instead of hcon This fixes the following Smatch static checker warning: net/bluetooth/iso.c:1364 iso_sock_recvmsg() error: we previously assumed 'pi->conn->hcon' could be null | ||
| CVE-2024-42139 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains ena |
- CVE-2024-42227Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dml_core_mode_programming [WHY] &mode_lib->mp.Watermark and &locals->Watermark are the same address. memcpy may lead to unexpected behavior. [HOW] memmove should be
- CVE-2024-42225Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data
- CVE-2024-42224Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 ("net: dsa: mv88e6xxx: Support multiple MDIO busses") mv88e6xxx_default_mdio_bus() has checked that the return value of list_first_ent
- CVE-2024-42223Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations.
- CVE-2024-42162Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid acces
- CVE-2024-42161Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the BPF_CRE_RE
- CVE-2024-42159Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed.
- CVE-2024-42158Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_
- CVE-2024-42157Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copy_to_user() fails.
- CVE-2024-42156Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key.
- CVE-2024-42155Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copi
- CVE-2024-42153Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr When del_timer_sync() is called in an interrupt context it throws a warning because of potential deadlock. The timer is used only to ex
- CVE-2024-42152Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler
- CVE-2024-42148Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equ
- CVE-2024-42147Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/debugfs - Fix debugfs uninit process issue During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also r
- CVE-2024-42145Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra
- CVE-2024-42144Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data Verify that lvts_data is not NULL before using it.
- CVE-2024-42142Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses
- CVE-2024-42141Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Check socket flag instead of hcon This fixes the following Smatch static checker warning: net/bluetooth/iso.c:1364 iso_sock_recvmsg() error: we previously assumed 'pi->conn->hcon' could be null
- CVE-2024-42139Jul 30, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains ena
Page 11 of 23