rpm package
suse/kgraft-patch-SLE12-SP5_Update_54&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_54&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (86)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-46929 | — | < 1-8.7.1 | 1-8.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9 | ||
| CVE-2021-46924 | — | < 1-8.7.1 | 1-8.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre | ||
| CVE-2021-46921 | — | < 1-8.7.1 | 1-8.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. The writer side loops checking the va | ||
| CVE-2021-46915 | — | < 1-8.7.1 | 1-8.7.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: avoid possible divide error in nft_limit_init div_u64() divides u64 by u32. nft_limit_init() wants to divide u64 by u64, use the appropriate math function (div64_u64) divide error: 0000 | ||
| CVE-2021-46906 | — | < 1-8.7.1 | 1-8.7.1 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. When running the syzkaller reproducer, a rep | ||
| CVE-2019-25162 | — | < 1-8.7.1 | 1-8.7.1 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde | ||
| CVE-2024-26600 | — | < 1-8.7.1 | 1-8.7.1 | Feb 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et | ||
| CVE-2024-26595 | — | < 1-8.7.1 | 1-8.7.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer | ||
| CVE-2023-52464 | — | < 1-8.7.1 | 1-8.7.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx | ||
| CVE-2023-52451 | — | < 1-8.7.1 | 1-8.7.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde | ||
| CVE-2023-52449 | — | < 1-8.7.1 | 1-8.7.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read | ||
| CVE-2023-52445 | — | < 1-8.7.1 | 1-8.7.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t | ||
| CVE-2023-52443 | — | < 1-8.7.1 | 1-8.7.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string | ||
| CVE-2024-26585 | — | < 1-8.7.1 | 1-8.7.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling | ||
| CVE-2023-52429 | — | < 1-8.7.1 | 1-8.7.1 | Feb 12, 2024 | dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | ||
| CVE-2024-1151 | — | < 1-8.7.1 | 1-8.7.1 | Feb 11, 2024 | A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo | ||
| CVE-2024-23307 | Med | 4.4 | < 5-8.10.1 | 5-8.10.1 | Jan 25, 2024 | Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. | |
| CVE-2024-23851 | — | < 1-8.7.1 | 1-8.7.1 | Jan 23, 2024 | copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. | ||
| CVE-2024-23849 | — | < 1-8.7.1 | 1-8.7.1 | Jan 23, 2024 | In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. | ||
| CVE-2023-46343 | — | < 1-8.7.1 | 1-8.7.1 | Jan 23, 2024 | In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. |
- CVE-2021-46929Feb 27, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9
- CVE-2021-46924Feb 27, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre
- CVE-2021-46921Feb 27, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. The writer side loops checking the va
- CVE-2021-46915Feb 27, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: avoid possible divide error in nft_limit_init div_u64() divides u64 by u32. nft_limit_init() wants to divide u64 by u64, use the appropriate math function (div64_u64) divide error: 0000
- CVE-2021-46906Feb 26, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. When running the syzkaller reproducer, a rep
- CVE-2019-25162Feb 26, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde
- CVE-2024-26600Feb 24, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et
- CVE-2024-26595Feb 23, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer
- CVE-2023-52464Feb 23, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx
- CVE-2023-52451Feb 22, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde
- CVE-2023-52449Feb 22, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read
- CVE-2023-52445Feb 22, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t
- CVE-2023-52443Feb 22, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string
- CVE-2024-26585Feb 21, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling
- CVE-2023-52429Feb 12, 2024affected < 1-8.7.1fixed 1-8.7.1
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
- CVE-2024-1151Feb 11, 2024affected < 1-8.7.1fixed 1-8.7.1
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflo
- affected < 5-8.10.1fixed 5-8.10.1
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
- CVE-2024-23851Jan 23, 2024affected < 1-8.7.1fixed 1-8.7.1
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.
- CVE-2024-23849Jan 23, 2024affected < 1-8.7.1fixed 1-8.7.1
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.
- CVE-2023-46343Jan 23, 2024affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.
Page 4 of 5