VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_64&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_64&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (94)

  • CVE-2024-53136Dec 4, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. A

  • CVE-2024-53112Dec 2, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra

  • CVE-2023-52922Nov 28, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

  • CVE-2024-53101MedNov 25, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali

  • CVE-2024-8805Nov 22, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

  • CVE-2024-53057HigNov 19, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

  • CVE-2024-50299MedNov 19, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address

  • CVE-2024-50287Nov 19, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpg_precalculate_line() blindly rescales the buffer even when scaled_witdh is equal to zero. If this ever happens, t

  • CVE-2024-50280Nov 19, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized delayed_work waker in the

  • CVE-2024-50278Nov 19, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because exp

  • CVE-2024-50262HigNov 9, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths

  • CVE-2024-50256Nov 9, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_reset6() I think the issue is that dev->hard_header_len is zero, and we attempt

  • CVE-2024-50211Nov 8, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out ea

  • CVE-2024-50199Nov 8, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and

  • CVE-2024-50151HigNov 7, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compound request buffers down for encryp

  • CVE-2024-50166Nov 7, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes references to of_dev->dev. Not all refer

  • CVE-2024-50143Nov 7, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch repro

  • CVE-2024-50039MedOct 21, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. Unfortunately syzbot c

  • CVE-2022-49033Oct 21, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() Syzkaller reported BUG as follows: BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 Call

  • CVE-2024-49944MedOct 21, 2024
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever

Page 4 of 5