rpm package
suse/kgraft-patch-SLE12-SP5_Update_58&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_58&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (210)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36880 | — | < 1-8.3.1 | 1-8.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer. | ||
| CVE-2024-36025 | — | < 1-8.3.1 | 1-8.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to preven | ||
| CVE-2024-36017 | — | < 1-8.3.1 | 1-8.3.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least o | ||
| CVE-2024-36016 | — | < 1-8.3.1 | 1-8.3.1 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - si | ||
| CVE-2023-52881 | — | < 1-8.3.1 | 1-8.3.1 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The | ||
| CVE-2024-36014 | — | < 1-8.3.1 | 1-8.3.1 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidp_mw_connector_reset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that | ||
| CVE-2021-47571 | — | < 1-8.3.1 | 1-8.3.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that. | ||
| CVE-2021-47566 | — | < 1-8.3.1 | 1-8.3.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have to use clear_user(). With a virtio-mem device that registers a vmcore_cb and has | ||
| CVE-2021-47547 | — | < 1-8.3.1 | 1-8.3.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. At this time, the array 'lp->phy | ||
| CVE-2021-47544 | — | < 1-8.3.1 | 1-8.3.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root ca | ||
| CVE-2021-47520 | — | < 1-8.3.1 | 1-8.3.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n | ||
| CVE-2021-47518 | — | < 1-8.3.1 | 1-8.3.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in d | ||
| CVE-2021-47498 | — | < 1-8.3.1 | 1-8.3.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updati | ||
| CVE-2021-47445 | — | < 1-8.3.1 | 1-8.3.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only | ||
| CVE-2021-47438 | — | < 1-8.3.1 | 1-8.3.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Inst | ||
| CVE-2021-47434 | — | < 1-8.3.1 | 1-8.3.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a | ||
| CVE-2023-52737 | Med | 5.5 | < 1-8.3.1 | 1-8.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if | |
| CVE-2023-52855 | — | < 1-8.3.1 | 1-8.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue(): | ||
| CVE-2023-52845 | — | < 1-8.3.1 | 1-8.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in | ||
| CVE-2023-52843 | — | < 1-8.3.1 | 1-8.3.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packe |
- CVE-2024-36880May 30, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer.
- CVE-2024-36025May 30, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to preven
- CVE-2024-36017May 30, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least o
- CVE-2024-36016May 29, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - si
- CVE-2023-52881May 29, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The
- CVE-2024-36014May 29, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidp_mw_connector_reset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that
- CVE-2021-47571May 24, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that.
- CVE-2021-47566May 24, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have to use clear_user(). With a virtio-mem device that registers a vmcore_cb and has
- CVE-2021-47547May 24, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. At this time, the array 'lp->phy
- CVE-2021-47544May 24, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root ca
- CVE-2021-47520May 24, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n
- CVE-2021-47518May 24, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in d
- CVE-2021-47498May 22, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updati
- CVE-2021-47445May 22, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only
- CVE-2021-47438May 22, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Inst
- CVE-2021-47434May 22, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a
- affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if
- CVE-2023-52855May 21, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue():
- CVE-2023-52845May 21, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in
- CVE-2023-52843May 21, 2024affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packe
Page 6 of 11