rpm package
suse/kernel-livepatch-SLE15-SP6_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-49952 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write per-cpu variable nf_skb_duplicated in an unsafe way [1]. Disabling preemption as hinted b | |
| CVE-2024-49950 | Hig | 7.8 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949 Read of size 8 at addr ffff8880241e9800 by | |
| CVE-2024-49949 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 ("net: be more gentle about silly gso requests coming from user") virtio_net_hdr_to_skb() had sanity check to detect mal | |
| CVE-2024-49944 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever | |
| CVE-2024-49938 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. | |
| CVE-2024-49930 | Hig | 7.8 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() functi | |
| CVE-2024-49925 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UA | |
| CVE-2024-49903 | Hig | 7.0 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits [syzbot reported] ================================================================== BUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline] BUG: KA | |
| CVE-2024-49902 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmt_leafidx greater than num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf. | |
| CVE-2024-49900 | Hig | 7.1 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of new_ea in ea_buffer syzbot reports that lzo1x_1_do_compress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x_1_do_c | |
| CVE-2024-49894 | Hig | 7.8 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the index | |
| CVE-2024-49892 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. bytes_per_element_y & bytes_per_element_c are initialize | |
| CVE-2024-49890 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Coverity. | |
| CVE-2024-49884 | Hig | 7.8 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at() We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4_split_ext | |
| CVE-2024-49883 | Hig | 7.8 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use the stale path and cause UAF | |
| CVE-2024-49882 | Hig | 7.8 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse() the buffer of the extents path In ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has been released, otherwise it may be released twice. An example of what triggers this | |
| CVE-2024-50002 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the static calls in a module. static_call_add_module() invokes __sta | ||
| CVE-2024-50000 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field. Found by Linux Verifica | ||
| CVE-2024-49987 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan reports: net.c:827:2: runti | ||
| CVE-2024-49985 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume In case there is any sort of clock controller attached to this I2C bus controller, for example Versaclock or even an AIC32x4 I2C codec, |
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write per-cpu variable nf_skb_duplicated in an unsafe way [1]. Disabling preemption as hinted b
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949 Read of size 8 at addr ffff8880241e9800 by
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 ("net: be more gentle about silly gso requests coming from user") virtio_net_hdr_to_skb() had sanity check to detect mal
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths.
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() functi
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UA
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits [syzbot reported] ================================================================== BUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline] BUG: KA
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmt_leafidx greater than num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf.
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of new_ea in ea_buffer syzbot reports that lzo1x_1_do_compress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x_1_do_c
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the index
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. bytes_per_element_y & bytes_per_element_c are initialize
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Coverity.
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at() We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4_split_ext
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use the stale path and cause UAF
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse() the buffer of the extents path In ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has been released, otherwise it may be released twice. An example of what triggers this
- CVE-2024-50002Oct 21, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the static calls in a module. static_call_add_module() invokes __sta
- CVE-2024-50000Oct 21, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field. Found by Linux Verifica
- CVE-2024-49987Oct 21, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan reports: net.c:827:2: runti
- CVE-2024-49985Oct 21, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume In case there is any sort of clock controller attached to this I2C bus controller, for example Versaclock or even an AIC32x4 I2C codec,
Page 15 of 28