VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (236)

  • CVE-2024-26739Apr 3, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod

  • CVE-2024-26733Apr 3, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr

  • CVE-2024-26704Apr 3, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat

  • CVE-2024-26689Apr 3, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the ref

  • CVE-2023-52639Apr 3, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to see gmap->private being zero in kvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the fact that we add gmap->private

  • CVE-2024-26675Apr 2, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K syzbot triggered a warning [1] in __alloc_pages(): WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp) Willem fixed a similar issue in commit c0a2a1b0d631 ("ppp: limit MRU to 64K") Adop

  • CVE-2024-26671Apr 2, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_

  • CVE-2023-52635Apr 2, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from

  • CVE-2023-52628Mar 28, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c

  • CVE-2024-26651MedMar 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error.

  • CVE-2021-47180Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xfff

  • CVE-2021-47179Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_rang

  • CVE-2021-47177Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors.

  • CVE-2021-47173Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced

  • CVE-2021-47171Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall

  • CVE-2021-47169Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if th

  • CVE-2021-47168Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->dat

  • CVE-2021-47167Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change th

  • CVE-2021-47166Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.

  • CVE-2021-47165Mar 25, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl

Page 7 of 12