rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38181 | Med | 5.5 | < 5.14.21-150500.55.116.1 | 5.14.21-150500.55.116.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_ | |
| CVE-2025-38180 | Hig | 7.8 | < 5.14.21-150500.55.121.2 | 5.14.21-150500.55.121.2 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF. | |
| CVE-2025-38177 | Med | 5.5 | < 5.14.21-150500.55.121.2 | 5.14.21-150500.55.121.2 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca | |
| CVE-2025-38159 | Hig | 7.1 | < 5.14.21-150500.55.136.1 | 5.14.21-150500.55.136.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], ¶[1])', which reads 5 bytes: | |
| CVE-2025-38129 | Hig | 7.8 | < 5.14.21-150500.55.136.1 | 5.14.21-150500.55.136.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of | |
| CVE-2025-38120 | Med | 5.5 | < 5.14.21-150500.55.121.2 | 5.14.21-150500.55.121.2 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early | |
| CVE-2025-38111 | Hig | 7.1 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of | |
| CVE-2025-38088 | Hig | 7.1 | < 5.14.21-150500.55.121.2 | 5.14.21-150500.55.121.2 | Jun 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the | |
| CVE-2025-38085 | Med | 4.7 | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Jun 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table us | |
| CVE-2025-38084 | Med | 5.5 | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Jun 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VMA lock and rmap locks are take | |
| CVE-2025-38083 | Med | 4.7 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU | |
| CVE-2022-50232 | Med | 5.5 | < 5.14.21-150500.55.136.1 | 5.14.21-150500.55.136.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables [ This issue was fixed upstream by accident in c3cee924bd85 ("arm64: head: cover entire kernel image in initial ID map") as part of a large refactoring of the arm64 boo | |
| CVE-2022-50231 | Hig | 7.1 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/poly1305 - fix a read out-of-bound A kasan error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon] Read of size 4 at addr | |
| CVE-2022-50229 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in snd_card_register() at probe time, it will free the 'bcd2k->midi_out_urb' before killing it, which may cause a UAF bug. The fo | |
| CVE-2022-50228 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVM_SET_VCPU_EVENTS ( | |
| CVE-2022-50226 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data t | |
| CVE-2022-50222 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc(). ---------- #include | |
| CVE-2022-50221 | Hig | 7.1 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range | |
| CVE-2022-50220 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnet_deferred_kevent() to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in ->ndo_stop(). | |
| CVE-2022-50218 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028_remove() The driver use the non-managed form of the register function in isl29028_remove(). To keep the release order as mirroring the ordering in probe, the dr |
- affected < 5.14.21-150500.55.116.1fixed 5.14.21-150500.55.116.1
In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_
- affected < 5.14.21-150500.55.121.2fixed 5.14.21-150500.55.121.2
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.
- affected < 5.14.21-150500.55.121.2fixed 5.14.21-150500.55.121.2
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca
- affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], ¶[1])', which reads 5 bytes:
- affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1
In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of
- affected < 5.14.21-150500.55.121.2fixed 5.14.21-150500.55.121.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of
- affected < 5.14.21-150500.55.121.2fixed 5.14.21-150500.55.121.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the
- affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table us
- affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VMA lock and rmap locks are take
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU
- affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables [ This issue was fixed upstream by accident in c3cee924bd85 ("arm64: head: cover entire kernel image in initial ID map") as part of a large refactoring of the arm64 boo
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/poly1305 - fix a read out-of-bound A kasan error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon] Read of size 4 at addr
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in snd_card_register() at probe time, it will free the 'bcd2k->midi_out_urb' before killing it, which may cause a UAF bug. The fo
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVM_SET_VCPU_EVENTS (
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data t
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc(). ---------- #include
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnet_deferred_kevent() to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in ->ndo_stop().
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028_remove() The driver use the non-managed form of the register function in isl29028_remove(). To keep the release order as mirroring the ordering in probe, the dr
Page 52 of 236