rpm package

suse/kgraft-patch-SLE12-SP5_Update_69&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_69&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (179)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-56779	—	< 1-8.3.1	1-8.3.1	Jan 8, 2025	In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequen
CVE-2024-56633	—	< 1-8.3.1	1-8.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg The current sk memory accounting logic in __SK_REDIRECT is pre-uncharging tosend bytes, which is either msg->sg.size or a smaller value apply_bytes. Po
CVE-2024-53168	—	< 1-8.3.1	1-8.3.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
CVE-2024-50106	—	< 1-8.3.1	1-8.3.1	Nov 5, 2024	In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has exp
CVE-2024-46752	—	< 1-8.3.1	1-8.3.1	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the r
CVE-2024-46751	—	< 1-8.3.1	1-8.3.1	Sep 18, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an error message.
CVE-2024-45021	—	< 1-8.3.1	1-8.3.1	Sep 11, 2024	In the Linux kernel, the following vulnerability has been resolved: memcg_write_event_control(): fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped (let alone initialized with anything sane).
CVE-2022-48875	—	< 1-8.3.1	1-8.3.1	Aug 21, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test mul
CVE-2023-52868	—	< 1-8.3.1	1-8.3.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev->id value comes from ida_alloc() so it's a number between zero and INT_MAX. If it's too high then these sprintf()s will overflow.
CVE-2024-27010	—	< 1-8.3.1	1-8.3.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [.....
CVE-2024-26804	—	< 1-8.3.1	1-8.3.1	Apr 4, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr
CVE-2024-26740	—	< 1-8.3.1	1-8.3.1	Apr 3, 2024	In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run
CVE-2021-47170	—	< 1-8.3.1	1-8.3.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.
CVE-2023-1990	—	< 1-8.3.1	1-8.3.1	Apr 12, 2023	A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
CVE-2023-1989	—	< 1-8.3.1	1-8.3.1	Apr 11, 2023	A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVE-2023-1074	—	< 1-8.3.1	1-8.3.1	Mar 27, 2023	A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.
CVE-2022-3564	—	< 1-8.3.1	1-8.3.1	Oct 17, 2022	A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
CVE-2021-4159	—	< 1-8.3.1	1-8.3.1	Aug 24, 2022	A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory deta
CVE-2021-20320	—	< 1-8.3.1	1-8.3.1	Feb 18, 2022	A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.

CVE-2024-56779Jan 8, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequen
CVE-2024-56633Dec 27, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg The current sk memory accounting logic in __SK_REDIRECT is pre-uncharging tosend bytes, which is either msg->sg.size or a smaller value apply_bytes. Po
CVE-2024-53168Dec 27, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
CVE-2024-50106Nov 5, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has exp
CVE-2024-46752Sep 18, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the r
CVE-2024-46751Sep 18, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an error message.
CVE-2024-45021Sep 11, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: memcg_write_event_control(): fix a user-triggerable oops we are *not* guaranteed that anything past the terminating NUL is mapped (let alone initialized with anything sane).
CVE-2022-48875Aug 21, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211_tx_ba_session_handle_start() may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test mul
CVE-2023-52868May 21, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev->id value comes from ida_alloc() so it's a number between zero and INT_MAX. If it's too high then these sprintf()s will overflow.
CVE-2024-27010May 1, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [.....
CVE-2024-26804Apr 4, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr
CVE-2024-26740Apr 3, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run
CVE-2021-47170Mar 25, 2024
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.
CVE-2023-1990Apr 12, 2023
affected < 1-8.3.1fixed 1-8.3.1
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
CVE-2023-1989Apr 11, 2023
affected < 1-8.3.1fixed 1-8.3.1
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVE-2023-1074Mar 27, 2023
affected < 1-8.3.1fixed 1-8.3.1
A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.
CVE-2022-3564Oct 17, 2022
affected < 1-8.3.1fixed 1-8.3.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
CVE-2021-4159Aug 24, 2022
affected < 1-8.3.1fixed 1-8.3.1
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory deta
CVE-2021-20320Feb 18, 2022
affected < 1-8.3.1fixed 1-8.3.1
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.

Page 9 of 9