rpm package
suse/kernel-livepatch-SLE15-SP6_Update_5&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (200)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-46706 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: mark last busy before uart_add_one_port With "earlycon initcall_debug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime | ||
| CVE-2024-46702 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed from the PCIe side as a result of NVM firmware authentication, if | ||
| CVE-2024-46679 | Med | 4.7 | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to read device state when the device is not actually present. eg: [exception | |
| CVE-2024-46695 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exporte | ||
| CVE-2024-46694 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoi | ||
| CVE-2024-46693 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink: Fix race during initialization As pointed out by Stephen Boyd it is possible that during initialization of the pmic_glink child drivers, the protection-domain notifiers fires, and the ass | ||
| CVE-2024-46692 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark get_wq_ctx() as atomic call Currently get_wq_ctx() is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls get_wq_ctx() to resume the c | ||
| CVE-2024-46691 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move unregister out of atomic section Commit '9329933699b3 ("soc: qcom: pmic_glink: Make client-lock non-sleeping")' moved the pmic_glink client list under a spinlock, as it is accessed by the | ||
| CVE-2024-46689 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into | ||
| CVE-2024-46687 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BUG: KASAN: slab-use-after- | ||
| CVE-2024-46686 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold. | ||
| CVE-2024-46685 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of poi | ||
| CVE-2024-46677 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it | ||
| CVE-2024-46676 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination successfully passes the check 'if (!im_protocols && !tm_protocols)' in the nfc_start_p | ||
| CVE-2024-46675 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing S | ||
| CVE-2024-46674 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undo_platform_dev_alloc" is entirely bogus. It drops t | ||
| CVE-2024-46673 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aa | ||
| CVE-2024-45018 | Med | 5.5 | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload. | |
| CVE-2024-46672 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wpa_supplicant 2.11 sends since 1efdba5fdc2c ("Handle PMKSA flush in the driver for SAE/OWE offload cases") SSID based PMKSA del commands. brcmfmac is | ||
| CVE-2024-45030 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Sep 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: igb: cope with large MAX_SKB_FRAGS Sabrina reports that the igb driver does not cope well with large MAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload corruption on TX. An easy reproducer is to ru |
- CVE-2024-46706Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: mark last busy before uart_add_one_port With "earlycon initcall_debug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime
- CVE-2024-46702Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed from the PCIe side as a result of NVM firmware authentication, if
- affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to read device state when the device is not actually present. eg: [exception
- CVE-2024-46695Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exporte
- CVE-2024-46694Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoi
- CVE-2024-46693Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink: Fix race during initialization As pointed out by Stephen Boyd it is possible that during initialization of the pmic_glink child drivers, the protection-domain notifiers fires, and the ass
- CVE-2024-46692Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark get_wq_ctx() as atomic call Currently get_wq_ctx() is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls get_wq_ctx() to resume the c
- CVE-2024-46691Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move unregister out of atomic section Commit '9329933699b3 ("soc: qcom: pmic_glink: Make client-lock non-sleeping")' moved the pmic_glink client list under a spinlock, as it is accessed by the
- CVE-2024-46689Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into
- CVE-2024-46687Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() [BUG] There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BUG: KASAN: slab-use-after-
- CVE-2024-46686Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold.
- CVE-2024-46685Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of poi
- CVE-2024-46677Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it
- CVE-2024-46676Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination successfully passes the check 'if (!im_protocols && !tm_protocols)' in the nfc_start_p
- CVE-2024-46675Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing S
- CVE-2024-46674Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undo_platform_dev_alloc" is entirely bogus. It drops t
- CVE-2024-46673Sep 13, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aa
- affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload.
- CVE-2024-46672Sep 11, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion wpa_supplicant 2.11 sends since 1efdba5fdc2c ("Handle PMKSA flush in the driver for SAE/OWE offload cases") SSID based PMKSA del commands. brcmfmac is
- CVE-2024-45030Sep 11, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: igb: cope with large MAX_SKB_FRAGS Sabrina reports that the igb driver does not cope well with large MAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload corruption on TX. An easy reproducer is to ru
Page 6 of 10