rpm package
suse/kernel-livepatch-SLE15-SP6_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52766 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access wil | ||
| CVE-2024-36000 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel.org/all/000000000000ee06de0616177560@google.com/ 350: lockdep_assert_held(&huge | ||
| CVE-2024-35980 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fix TLBI RANGE operand KVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty pages are collected by VMM and the page table entries become write protected during live migration. Unfortu | ||
| CVE-2024-35888 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer make sure erspan_base_hdr is present in skb | |
| CVE-2024-27407 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr() | ||
| CVE-2024-27043 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio | ||
| CVE-2024-27026 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom WARNING: | ||
| CVE-2024-27017 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view | ||
| CVE-2024-26953 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool When the skb is reorganized during esp_output (!esp->inline), the pages coming from the original skb fragments are supposed to be released back to the system t | ||
| CVE-2024-26943 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: handle kcalloc() allocation failure The kcalloc() in nouveau_dmem_evict_chunk() will return null if the physical memory has run out. As a result, if we dereference src_pfns, dst_pfns or dma_addrs, | ||
| CVE-2024-26864 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in __inet_hash_connect(). syzbot reported a warning in sk_nulls_del_node_init_rcu(). The commit 66b60b0c8c4a ("dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalbli | ||
| CVE-2024-26782 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin | ||
| CVE-2024-26767 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check | ||
| CVE-2024-26761 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist | ||
| CVE-2024-26758 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't | ||
| CVE-2024-26741 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->ics | ||
| CVE-2024-26703 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimer_init to timerlat_fd open() Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the use | ||
| CVE-2024-26596 | Med | 5.5 | < 1-150600.13.3.5 | 1-150600.13.3.5 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy | |
| CVE-2023-6270 | — | < 1-150600.13.3.5 | 1-150600.13.3.5 | Jan 4, 2024 | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob |
- CVE-2023-52766May 21, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access wil
- CVE-2024-36000May 20, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge There is a recent report on UFFDIO_COPY over hugetlb: https://lore.kernel.org/all/000000000000ee06de0616177560@google.com/ 350: lockdep_assert_held(&huge
- CVE-2024-35980May 20, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fix TLBI RANGE operand KVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty pages are collected by VMM and the page table entries become write protected during live migration. Unfortu
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head syzbot reported a problem in ip6erspan_rcv() [1] Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer make sure erspan_base_hdr is present in skb
- CVE-2024-27407May 17, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr()
- CVE-2024-27043May 1, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio
- CVE-2024-27026May 1, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom WARNING:
- CVE-2024-27017May 1, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view
- CVE-2024-26953May 1, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool When the skb is reorganized during esp_output (!esp->inline), the pages coming from the original skb fragments are supposed to be released back to the system t
- CVE-2024-26943May 1, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: handle kcalloc() allocation failure The kcalloc() in nouveau_dmem_evict_chunk() will return null if the physical memory has run out. As a result, if we dereference src_pfns, dst_pfns or dma_addrs,
- CVE-2024-26864Apr 17, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in __inet_hash_connect(). syzbot reported a warning in sk_nulls_del_node_init_rcu(). The commit 66b60b0c8c4a ("dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalbli
- CVE-2024-26782Apr 4, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin
- CVE-2024-26767Apr 3, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check
- CVE-2024-26761Apr 3, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder regist
- CVE-2024-26758Apr 3, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't
- CVE-2024-26741Apr 3, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->ics
- CVE-2024-26703Apr 3, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimer_init to timerlat_fd open() Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the use
- affected < 1-150600.13.3.5fixed 1-150600.13.3.5
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy
- CVE-2023-6270Jan 4, 2024affected < 1-150600.13.3.5fixed 1-150600.13.3.5
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob
Page 28 of 28