rpm package
suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (460)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42076 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one() syzbot reported kernel-infoleak in raw_recvmsg() [1]. j1939_send_one() creates full frame including unused data, but it doesn't initialize it. This ca | ||
| CVE-2024-42074 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure When acp platform device creation is skipped, chip->chip_pdev value will remain NULL. Add NULL check for chip->chip_pdev structure in snd_acp_resume() fu | ||
| CVE-2024-42073 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems The following two shared buffer operations make use of the Shared Buffer Status Register (SBSR): # devlink sb occupancy snapshot pci/0000: | ||
| CVE-2024-42069 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function adev_release calls kfree(madev). We shouldn't cal | ||
| CVE-2024-42064 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip pipe if the pipe idx not set properly [why] Driver crashes when pipe idx not set properly [how] Add code to skip the pipe that idx not set properly | ||
| CVE-2023-52887 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new This patch enhances error handling in scenarios with RTS (Request to Send) messages arriving closely. It repl | ||
| CVE-2024-41098 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ata_port_alloc() call in ata_host_alloc() fails, ata_host_release() will get called. However, the code in ata_host_release() tries to free ata_por | ||
| CVE-2024-41097 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be u | ||
| CVE-2024-41096 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msi_capability_init KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in __pci_enable_msi_range+0x2c0/0x488 Use-after-free read at 0x0000000024629571 (in kfence-#12): | ||
| CVE-2024-41095 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der | ||
| CVE-2024-41094 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smem_start is enable per module option Only export struct fb_info.fix.smem_start if that is required by the user and the memory does not come from vmalloc(). Setting struct fb_info.fix. | ||
| CVE-2024-41093 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid usi | ||
| CVE-2024-41092 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been sporadically reporting the following issue triggered by igt@i915_selftest@live@hangcheck on ADL-P and similar machines: <6> [414.049203] | ||
| CVE-2024-41089 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der | ||
| CVE-2024-41088 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfd_start_xmit() function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after | ||
| CVE-2024-41087 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri | ||
| CVE-2024-41084 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/region: Avoid null pointer dereference in region lookup cxl_dpa_to_region() looks up a region based on a memdev and DPA. It wrongly assumes an endpoint found mapping the DPA is also of a fully assembled reg | ||
| CVE-2024-41081 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunne | ||
| CVE-2024-41080 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers() The io_register_iowq_max_workers() function calls io_put_sq_data(), which acquires the sqd->lock without releasing the uring_lock. Similar to th | ||
| CVE-2024-41079 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar |
- CVE-2024-42076Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one() syzbot reported kernel-infoleak in raw_recvmsg() [1]. j1939_send_one() creates full frame including unused data, but it doesn't initialize it. This ca
- CVE-2024-42074Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure When acp platform device creation is skipped, chip->chip_pdev value will remain NULL. Add NULL check for chip->chip_pdev structure in snd_acp_resume() fu
- CVE-2024-42073Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems The following two shared buffer operations make use of the Shared Buffer Status Register (SBSR): # devlink sb occupancy snapshot pci/0000:
- CVE-2024-42069Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function adev_release calls kfree(madev). We shouldn't cal
- CVE-2024-42064Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip pipe if the pipe idx not set properly [why] Driver crashes when pipe idx not set properly [how] Add code to skip the pipe that idx not set properly
- CVE-2023-52887Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new This patch enhances error handling in scenarios with RTS (Request to Send) messages arriving closely. It repl
- CVE-2024-41098Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ata_port_alloc() call in ata_host_alloc() fails, ata_host_release() will get called. However, the code in ata_host_release() tries to free ata_por
- CVE-2024-41097Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be u
- CVE-2024-41096Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msi_capability_init KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in __pci_enable_msi_range+0x2c0/0x488 Use-after-free read at 0x0000000024629571 (in kfence-#12):
- CVE-2024-41095Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der
- CVE-2024-41094Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smem_start is enable per module option Only export struct fb_info.fix.smem_start if that is required by the user and the memory does not come from vmalloc(). Setting struct fb_info.fix.
- CVE-2024-41093Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid usi
- CVE-2024-41092Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been sporadically reporting the following issue triggered by igt@i915_selftest@live@hangcheck on ADL-P and similar machines: <6> [414.049203]
- CVE-2024-41089Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer der
- CVE-2024-41088Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfd_start_xmit() function fails, the driver stops processing messages, and the interrupt routine does not return, running indefinitely even after
- CVE-2024-41087Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc() call in ata_host_alloc() fails, we will jump to the err_out label, which will call devres_release_group(). devres_release_group() will tri
- CVE-2024-41084Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Avoid null pointer dereference in region lookup cxl_dpa_to_region() looks up a region based on a memdev and DPA. It wrongly assumes an endpoint found mapping the DPA is also of a fully assembled reg
- CVE-2024-41081Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunne
- CVE-2024-41080Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers() The io_register_iowq_max_workers() function calls io_put_sq_data(), which acquires the sqd->lock without releasing the uring_lock. Similar to th
- CVE-2024-41079Jul 29, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar
Page 14 of 23