rpm package
suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (460)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-43853 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro | ||
| CVE-2024-43851 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpu_number1 to dummy_cpu_number The per cpu variable cpu_number1 is passed to xlnx_event_handler as argument "dev_id", but it is not used in this function. So drop the initialization of this | ||
| CVE-2024-43850 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove The following warning is seen during bwmon_remove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at dr | ||
| CVE-2024-43849 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. Protect them by placing modification of tho | ||
| CVE-2024-43847 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented packets The monitor ring and the reo reinject ring share the same ring mask index. When the driver receives an interrupt for the reo reinject | ||
| CVE-2024-43846 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent object does not have a parent itself. That is, nesting is not supported. Aggregation | ||
| CVE-2024-43842 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi' | ||
| CVE-2024-43841 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_result() will trigger the wa | ||
| CVE-2024-43840 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls __bpf_tramp_enter() and __bpf_tramp_exit() functions, passing them the struct bpf_tramp_image *im poi | ||
| CVE-2024-43839 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 ch | ||
| CVE-2024-43837 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT When loading a EXT program without specifying `attr->attach_prog_fd`, the `prog->aux->dst_prog` will be null. At this time, calling | ||
| CVE-2024-43833 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(), ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device l | ||
| CVE-2024-43831 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use. | ||
| CVE-2024-43829 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference. | ||
| CVE-2024-43826 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for a NULL ->f_mapping that protects against truncations and can lead to kernel cras | ||
| CVE-2024-43825 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: Fix the sorting functionality in iio_gts_build_avail_time_table The sorting in iio_gts_build_avail_time_table is not working as intended. It could result in an out-of-bounds access when the time is zero. | ||
| CVE-2024-43824 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() Instead of getting the epc_features from pci_epc_get_features() API, use the cached pci_epf_test::epc_features value to | ||
| CVE-2024-43823 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and | ||
| CVE-2024-43821 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer. In the following context and functi | ||
| CVE-2024-43819 | — | < 1-150600.13.3.3 | 1-150600.13.3.3 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontr |
- CVE-2024-43853Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro
- CVE-2024-43851Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpu_number1 to dummy_cpu_number The per cpu variable cpu_number1 is passed to xlnx_event_handler as argument "dev_id", but it is not used in this function. So drop the initialization of this
- CVE-2024-43850Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove The following warning is seen during bwmon_remove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at dr
- CVE-2024-43849Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. Protect them by placing modification of tho
- CVE-2024-43847Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented packets The monitor ring and the reo reinject ring share the same ring mask index. When the driver receives an interrupt for the reo reinject
- CVE-2024-43846Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent object does not have a parent itself. That is, nesting is not supported. Aggregation
- CVE-2024-43842Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'
- CVE-2024-43841Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_result() will trigger the wa
- CVE-2024-43840Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls __bpf_tramp_enter() and __bpf_tramp_exit() functions, passing them the struct bpf_tramp_image *im poi
- CVE-2024-43839Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 ch
- CVE-2024-43837Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT When loading a EXT program without specifying `attr->attach_prog_fd`, the `prog->aux->dst_prog` will be null. At this time, calling
- CVE-2024-43833Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(), ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device l
- CVE-2024-43831Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use.
- CVE-2024-43829Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference.
- CVE-2024-43826Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for a NULL ->f_mapping that protects against truncations and can lead to kernel cras
- CVE-2024-43825Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: iio: Fix the sorting functionality in iio_gts_build_avail_time_table The sorting in iio_gts_build_avail_time_table is not working as intended. It could result in an out-of-bounds access when the time is zero.
- CVE-2024-43824Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() Instead of getting the epc_features from pci_epc_get_features() API, use the cached pci_epf_test::epc_features value to
- CVE-2024-43823Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and
- CVE-2024-43821Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfc_xcvr_data_show, the memory allocation with kmalloc might fail, thereby making rdp_context a null pointer. In the following context and functi
- CVE-2024-43819Aug 17, 2024affected < 1-150600.13.3.3fixed 1-150600.13.3.3
In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontr
Page 7 of 23