VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (236)

  • CVE-2021-46964Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e ("scsi: qla2xxx: Limit interrupt vectors to number of CPUs") lowers the number of allocated MSI-X vectors to the number of CPUs. That breaks vector

  • CVE-2021-46963Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_t

  • CVE-2021-46960Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947]

  • CVE-2021-46958Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which le

  • CVE-2021-46955Feb 27, 2024
    affected < 2-8.6.1fixed 2-8.6.1

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN

  • CVE-2021-46950Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being

  • CVE-2021-46941Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Do core softreset when switch mode According to the programming guide, to switch mode for DRD controller, the driver needs to do the following. To switch from device to host: 1. Reset control

  • CVE-2021-46939Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back

  • CVE-2021-46938Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails When loading a device-mapper table for a request-based mapped device, and the allocation/initialization of the blk_mq_tag_set for th

  • CVE-2021-46909Feb 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probe

  • CVE-2023-52474Feb 26, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe

  • CVE-2019-25160Feb 26, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the

  • CVE-2022-48626Feb 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and

  • CVE-2021-46905Feb 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unco

  • CVE-2021-46904Feb 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the n

  • CVE-2023-52470Feb 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.

  • CVE-2023-52469Feb 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t

  • CVE-2023-52454Feb 23, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel

  • CVE-2023-6536Feb 7, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

  • CVE-2023-6535Feb 7, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

Page 11 of 12