VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_62&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_62&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (135)

  • CVE-2024-46841Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() We handle errors here properly, ENOMEM isn't fatal, return the error.

  • CVE-2024-46840Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: clean up our handling of refs == 0 in snapshot delete In reada we BUG_ON(refs == 0), which could be unkind since we aren't holding a lock on the extent leaf and thus could get a transient incorrect answe

  • CVE-2024-46834Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing ring count with active RSS contexts") proves that allowing indirection table to

  • CVE-2024-46826Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequ

  • CVE-2024-46818Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46816Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_D

  • CVE-2024-46809Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issues reported by Coverity.

  • CVE-2024-46802Sep 27, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL

  • CVE-2024-46755Sep 18, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if the priv is actually cur

  • CVE-2024-46724Sep 18, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_channel_number range to avoid the array out-of-bounds read error

  • CVE-2024-45016MedSep 11, 2024
    affected < 3-2.1fixed 3-2.1

    In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.

  • CVE-2024-44958Sep 4, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative count! WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_de

  • CVE-2024-44931Aug 26, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an of

  • CVE-2023-52898Aug 21, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhci_free_dev() and xhci_kill_endpoint_urbs() do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhci_free_dev

  • CVE-2024-42253Aug 8, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_irq_bus_sync_unlock() in order to avoid races. The other (non-probe) call sit

  • CVE-2024-42114MedJul 30, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values syzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM to 2^31. We had a similar issue in sch_fq, fixed with commit d9e15a273306 ("pkt_

  • CVE-2024-42145Jul 30, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra

  • CVE-2024-41082Jul 29, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of admin_q. If a reset (nvm

  • CVE-2024-41016MedJul 29, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me

  • CVE-2022-48809Jul 16, 2024
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to

Page 6 of 7