VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (281)

  • CVE-2024-56538Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace access

  • CVE-2024-56533Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but thi

  • CVE-2024-56532Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but th

  • CVE-2024-56531Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but thi

  • CVE-2024-53239Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as

  • CVE-2024-53236Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid When a new skb is allocated for transmitting an xsk descriptor, i.e., for every non-multibuf descriptor or the first frag of a multibuf descriptor, but the des

  • CVE-2024-53233Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8_load() error path utf8_load() requests the symbol "utf8_data_table" and then checks if the requested UTF-8 version is supported. If it's unsupported, it tries to put the data table using symbo

  • CVE-2024-53232Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug __iommu_group_set_domain_nofail() attaching the default domain fa

  • CVE-2024-53231Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() cpufreq_cpu_get_raw() may return NULL if the cpu is not in policy->cpus cpu mask and it will cause null pointer dereference.

  • CVE-2024-53230Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() cpufreq_cpu_get_raw() may return NULL if the cpu is not in policy->cpus cpu mask and it will cause null pointer dereference, so check NULL for

  • CVE-2024-53227Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dump_s

  • CVE-2024-53203Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via debugfs. The worry is that if con_index is zero then "&uc->ucsi->connector[con_inde

  • CVE-2024-53198Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() This patch fixes an issue in the function xenbus_dev_probe(). In the xenbus_dev_probe() function, within the if (err) branch at l

  • CVE-2024-53197KEVDec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

  • CVE-2024-53196Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI. Nevertheless, it's clear that this plumbing has seen lim

  • CVE-2024-53195Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Get rid of userspace_irqchip_in_use Improper use of userspace_irqchip_in_use led to syzbot hitting the following WARN_ON() in kvm_timer_update_irq(): WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/arc

  • CVE-2024-53194Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c ("thunderbolt: Reset USB4 v2 host router") and commit 59a54c5

  • CVE-2024-53187Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: io_uring: check for overflows in io_pin_pages WARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring/memmap.c:144 CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-n

  • CVE-2024-53185Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response, the client uses

  • CVE-2024-53175Dec 27, 2024
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msg_init_ns failed in create_ipc_ns Percpu memory allocation may failed during create_ipc_ns however this fail is not handled properly since ipc sysctls and mq sysctls is not released proper

Page 13 of 15