rpm package

suse/kernel-livepatch-SLE15-SP6_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (559)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-49855		—	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free
CVE-2024-49853		—	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack.
CVE-2024-49852		—	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release function is _efc_nport_free()
CVE-2024-49850		—	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos In case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL referencing a non-existing BTF type, function bpf_core_calc_relo_insn would cau
CVE-2024-47718	Hig	7.8	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: always wait for both firmware loading attempts In 'rtw_wait_firmware_completion()', always wait for both (regular and wowlan) firmware loading attempts. Otherwise if 'rtw_usb_intf_init()' has faile
CVE-2024-47713	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts enabled, the following backtrace: ieee80211_do_stop() ... spin_lock_irqsave(&l
CVE-2024-47710	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: sock_map: Add a cond_resched() in sock_hash_free() Several syzbot soft lockup reports all have in common sock_hash_free() If a map with a large number of buckets is destroyed, we need to yield the cpu when nee
CVE-2024-47709	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). syzbot reported a warning in bcm_release(). [0] The blamed change fixed another warning that is triggered when connect() is issued again for a socke
CVE-2024-47707	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Blamed commit accidentally removed a check for rt->rt6i_idev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-
CVE-2024-47706	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) \| Λ \| Λ \| Λ \| \|
CVE-2024-47705	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was m
CVE-2024-47704	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc and it is necessary to c
CVE-2024-47701	Hig	7.8	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if e_value_offs is changed underneath the filesystem by some change in the block de
CVE-2024-47699	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can o
CVE-2024-47698	Hig	7.8	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and cle
CVE-2024-47697	Hig	7.8	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and cle
CVE-2024-47696	Hig	7.8	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free related to destroying CM IDs"), the function flush_workqueue is invoked to flush
CVE-2024-47692	Med	6.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdup_user() to return ZERO_SIZE_PTR. When we access the
CVE-2024-47685	Cri	9.1	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use skb_put_zero() to clear the w
CVE-2024-47684	Med	5.5	< 1-150600.13.3.5	1-150600.13.3.5	Oct 21, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r

CVE-2024-49855Oct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free
CVE-2024-49853Oct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack.
CVE-2024-49852Oct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release function is _efc_nport_free()
CVE-2024-49850Oct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos In case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL referencing a non-existing BTF type, function bpf_core_calc_relo_insn would cau
CVE-2024-47718HigOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: always wait for both firmware loading attempts In 'rtw_wait_firmware_completion()', always wait for both (regular and wowlan) firmware loading attempts. Otherwise if 'rtw_usb_intf_init()' has faile
CVE-2024-47713MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts enabled, the following backtrace: ieee80211_do_stop() ... spin_lock_irqsave(&l
CVE-2024-47710MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: sock_map: Add a cond_resched() in sock_hash_free() Several syzbot soft lockup reports all have in common sock_hash_free() If a map with a large number of buckets is destroyed, we need to yield the cpu when nee
CVE-2024-47709MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). syzbot reported a warning in bcm_release(). [0] The blamed change fixed another warning that is triggered when connect() is issued again for a socke
CVE-2024-47707MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Blamed commit accidentally removed a check for rt->rt6i_idev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-
CVE-2024-47706MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ | Λ | Λ | |
CVE-2024-47705MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was m
CVE-2024-47704MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc and it is necessary to c
CVE-2024-47701HigOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if e_value_offs is changed underneath the filesystem by some change in the block de
CVE-2024-47699MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can o
CVE-2024-47698HigOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and cle
CVE-2024-47697HigOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and cle
CVE-2024-47696HigOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free related to destroying CM IDs"), the function flush_workqueue is invoked to flush
CVE-2024-47692MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdup_user() to return ZERO_SIZE_PTR. When we access the
CVE-2024-47685CriOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use skb_put_zero() to clear the w
CVE-2024-47684MedOct 21, 2024
affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_r

Page 20 of 28