rpm package
suse/kernel-livepatch-SLE15-SP6_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (281)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-56777 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fail | ||
| CVE-2024-56776 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. | ||
| CVE-2024-56775 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup an | ||
| CVE-2024-56774 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the | ||
| CVE-2024-56769 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b | ||
| CVE-2024-56767 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the | ||
| CVE-2024-56766 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double f | ||
| CVE-2024-56765 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the past | ||
| CVE-2024-56763 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it. | ||
| CVE-2024-56760 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pc | ||
| CVE-2024-56759 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled | ||
| CVE-2024-56748 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This i | ||
| CVE-2024-56747 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This | ||
| CVE-2024-56746 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent | ||
| CVE-2024-56745 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces: while ((name | ||
| CVE-2024-56739 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware | ||
| CVE-2024-56729 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cach | ||
| CVE-2024-56728 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp(). | ||
| CVE-2024-56727 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | ||
| CVE-2024-56726 | — | < 1-150600.13.3.2 | 1-150600.13.3.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Add error pointer check after calling otx2_mbox_get_rsp(). |
- CVE-2024-56777Jan 8, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fail
- CVE-2024-56776Jan 8, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure.
- CVE-2024-56775Jan 8, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup an
- CVE-2024-56774Jan 8, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the
- CVE-2024-56769Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b
- CVE-2024-56767Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the
- CVE-2024-56766Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double f
- CVE-2024-56765Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the past
- CVE-2024-56763Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.
- CVE-2024-56760Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pc
- CVE-2024-56759Jan 6, 2025affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
- CVE-2024-56748Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This i
- CVE-2024-56747Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This
- CVE-2024-56746Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent
- CVE-2024-56745Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces: while ((name
- CVE-2024-56739Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware
- CVE-2024-56729Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cach
- CVE-2024-56728Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp().
- CVE-2024-56727Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp().
- CVE-2024-56726Dec 29, 2024affected < 1-150600.13.3.2fixed 1-150600.13.3.2
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Add error pointer check after calling otx2_mbox_get_rsp().
Page 7 of 15