rpm package
suse/kernel-livepatch-SLE15-SP6_Update_7&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (152)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-56752 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() When the call to gf100_grctx_generate() fails, unlock gr->fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/n | ||
| CVE-2024-56667 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info(). (cherry picked from commit 754302a5bc1bd8fd3b7 | ||
| CVE-2024-56664 | — | < 9-150600.2.1 | 9-150600.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona | ||
| CVE-2024-56645 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new skb, do the same for the initial one in j1939_session_new() to avoid refcount und | ||
| CVE-2024-56605 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o | ||
| CVE-2024-56604 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but l | ||
| CVE-2024-56601 | — | < 7-150600.2.1 | 7-150600.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o | ||
| CVE-2024-56599 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10k_sdio_remove() will free sdio workqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_DEFAULT_ON is set to yes, | ||
| CVE-2024-56582 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device: | ||
| CVE-2024-56576 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called | ||
| CVE-2024-56567 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ad7780: fix division by zero in ad7780_write_raw() In the ad7780_write_raw() , val2 can be zero, which might lead to a division by zero error in DIV_ROUND_CLOSEST(). The ad7780_write_raw() is based on iio_info' | ||
| CVE-2024-56566 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in alloc_consistency_checks, all objects of the slab will be marked as used, and the | ||
| CVE-2024-56562 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) ^^^ here check "init_dyn_addr" i3c_bus_set_addr | ||
| CVE-2024-56551 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000027] Read of size 8 at addr ffff8881b8605f88 by task amd_pci_unplug | ||
| CVE-2024-53166 | Hig | 7.8 | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq from bic without the loc | |
| CVE-2024-56549 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object->file At present, the object->file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object->file lifetime | ||
| CVE-2024-56539 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa | ||
| CVE-2024-56536 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cw1200: Fix potential NULL dereference A recent refactoring was identified by static analysis to cause a potential NULL dereference, fix this! | ||
| CVE-2024-53237 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0 Read of size 8 at addr ffff88801f605 | ||
| CVE-2024-53234 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: erofs: handle NONHEAD !delta[1] lclusters gracefully syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctl_fiemap fs/ioctl.c:220 [inline] Generally, NONHEAD lclust |
- CVE-2024-56752Dec 29, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() When the call to gf100_grctx_generate() fails, unlock gr->fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/n
- CVE-2024-56667Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info(). (cherry picked from commit 754302a5bc1bd8fd3b7
- CVE-2024-56664Dec 27, 2024affected < 9-150600.2.1fixed 9-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
- CVE-2024-56645Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new skb, do the same for the initial one in j1939_session_new() to avoid refcount und
- CVE-2024-56605Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o
- CVE-2024-56604Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but l
- CVE-2024-56601Dec 27, 2024affected < 7-150600.2.1fixed 7-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o
- CVE-2024-56599Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10k_sdio_remove() will free sdio workqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_DEFAULT_ON is set to yes,
- CVE-2024-56582Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device:
- CVE-2024-56576Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called
- CVE-2024-56567Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: ad7780: fix division by zero in ad7780_write_raw() In the ad7780_write_raw() , val2 can be zero, which might lead to a division by zero error in DIV_ROUND_CLOSEST(). The ad7780_write_raw() is based on iio_info'
- CVE-2024-56566Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in alloc_consistency_checks, all objects of the slab will be marked as used, and the
- CVE-2024-56562Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) ^^^ here check "init_dyn_addr" i3c_bus_set_addr
- CVE-2024-56551Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000027] Read of size 8 at addr ffff8881b8605f88 by task amd_pci_unplug
- affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq from bic without the loc
- CVE-2024-56549Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object->file At present, the object->file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object->file lifetime
- CVE-2024-56539Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa
- CVE-2024-56536Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cw1200: Fix potential NULL dereference A recent refactoring was identified by static analysis to cause a potential NULL dereference, fix this!
- CVE-2024-53237Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0 Read of size 8 at addr ffff88801f605
- CVE-2024-53234Dec 27, 2024affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: erofs: handle NONHEAD !delta[1] lclusters gracefully syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctl_fiemap fs/ioctl.c:220 [inline] Generally, NONHEAD lclust
Page 3 of 8