VYPR

rpm package

suse/kernel-livepatch-MICRO-6-0-RT_Update_11&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_11&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (30)

  • CVE-2025-39682HigSep 5, 2025
    affected < 5-1.1fixed 5-1.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must process either - only contiguous DATA records (any number of them) - one non-DATA record If the next record has different type

  • CVE-2025-38678Sep 3, 2025
    affected < 2-1.1fixed 2-1.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is possible. Unfortunately, netdev event path only removes the first device that is fo

  • CVE-2025-38664Aug 22, 2025
    affected < 3-1.1fixed 3-1.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.

  • CVE-2025-38618Aug 22, 2025
    affected < 3-1.1fixed 3-1.1

    In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac

  • CVE-2025-38616Aug 22, 2025
    affected < 4-1.1fixed 4-1.1

    In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i

  • CVE-2025-38608Aug 19, 2025
    affected < 5-1.1fixed 5-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data len

  • CVE-2025-38566Aug 19, 2025
    affected < 2-1.1fixed 2-1.1

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tls_alert_recv() due to its assumption it can read data from the msg iterator's kvec.. kTLS implemen

  • CVE-2025-38500HigAug 12, 2025
    affected < 4-1.1fixed 4-1.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in

  • CVE-2025-38499MedAug 11, 2025
    affected < 2-1.1fixed 2-1.1

    In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be

  • CVE-2025-38488Jul 28, 2025
    affected < 7-1.1fixed 7-1.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However

Page 2 of 2