VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_50&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_50&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (9)

  • CVE-2024-43861Aug 20, 2024
    affected < 15-2.1fixed 15-2.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

  • CVE-2024-41059Jul 29, 2024
    affected < 13-2.1fixed 13-2.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x

  • CVE-2024-36964Jun 3, 2024
    affected < 13-2.1fixed 13-2.1

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s

  • CVE-2024-35949May 20, 2024
    affected < 15-2.1fixed 15-2.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if

  • CVE-2023-34324Jan 5, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. t

  • CVE-2023-45862Oct 14, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.

  • CVE-2023-39189Oct 9, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform

  • CVE-2023-31085Apr 24, 2023
    affected < 1-8.3.1fixed 1-8.3.1

    An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.

  • CVE-2023-1829Apr 12, 2023
    affected < 2-2.1fixed 2-2.1

    A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc