VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Vulnerabilities (2,318)

  • CVE-2025-2312MedMar 25, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credenti

  • CVE-2023-52927HigMar 14, 2025
    affected < 5.14.21-150500.55.116.1fixed 5.14.21-150500.55.116.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex

  • CVE-2025-21839Mar 7, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load

  • CVE-2022-49733Mar 2, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls snd_pcm_oss_make_ready() at first, the

  • CVE-2025-21812Feb 27, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible cir

  • CVE-2025-21772HigFeb 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede

  • CVE-2025-21766MedFeb 27, 2025
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.

  • CVE-2025-21765MedFeb 27, 2025
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.

  • CVE-2025-21764HigFeb 27, 2025
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.

  • CVE-2025-21760HigFeb 27, 2025
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.

  • CVE-2025-21756HigFeb 27, 2025
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un

  • CVE-2024-58014HigFeb 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.

  • CVE-2025-21791Feb 27, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou

  • CVE-2025-21785Feb 27, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate

  • CVE-2025-21780Feb 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set

  • CVE-2025-21726HigFeb 27, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorder_work Although the previous patch can avoid ps and ps UAF for _do_serial, it can not avoid potential UAF issue for reorder_work. This issue can happen just as below: crypto_request

  • CVE-2024-57996MedFeb 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

  • CVE-2025-21738Feb 27, 2025
    affected < 5.14.21-150500.55.141.1fixed 5.14.21-150500.55.141.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com

  • CVE-2024-58013Feb 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free

  • CVE-2025-21718Feb 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN

Page 76 of 116