rpm package
suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (335)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22115 | — | < 2-3.1 | 2-3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat | ||
| CVE-2025-21999 | — | < 5-3.1 | 5-3.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc | ||
| CVE-2025-21892 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace [1]. During recovery, before t | ||
| CVE-2025-21891 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: ensure network headers are in skb linear part syzbot found that ipvlan_process_v6_outbound() was assuming the IPv6 network header isis present in skb->head [1] Add the needed pskb_network_may_pull() ca | ||
| CVE-2025-21890 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpf_rx_rsc() idpf_rx_rsc() uses skb_transport_offset(skb) while the transport header is not set yet. This triggers the following warning for CONFIG_DEBUG_NET=y builds. DEBUG_NET_WA | ||
| CVE-2025-21888 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. In the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code incorrectly | ||
| CVE-2025-21886 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroy_unused_implicit_child_mr() to prevent hanging during parent deregistration as of below [1]. Upon entering destroy_unused_implicit_child | ||
| CVE-2025-21885 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers While using nvme target with use_srq on, below kernel panic is noticed. [ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg of | ||
| CVE-2025-21883 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Repro | ||
| CVE-2025-21878 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devm_request_irq The customer reports that there is a soft lockup issue related to the i2c driver. After checking, the i2c module was doing a tx transfer and the b | ||
| CVE-2025-21877 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelink_bind() Syzbot reports [1] a warning in usb_submit_urb() triggered by inconsistencies between expected and actually present endpoints in gl620a driver. Since gen | ||
| CVE-2025-21876 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix suspicious RCU usage Commit ("iommu/vt-d: Allocate DMAR fault interrupts locally") moved the call to enable_drhd_fault_handling() to a code path that does not hold any lock while | ||
| CVE-2025-21871 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing an OP-TEE RPC call. It becomes more complicated wh | ||
| CVE-2025-21870 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name (sname) as the ALH copier and in that case the copier->data is NULL, no alh_data | ||
| CVE-2025-21869 | — | < 1-3.1 | 1-3.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II (power9) with kernel 6.13: [ 12.028126] ======================================= | ||
| CVE-2023-52927 | Hig | 7.8 | < 1-3.1 | 1-3.1 | Mar 14, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex | |
| CVE-2025-21865 | Med | 5.5 | < 1-3.1 | 1-3.1 | Mar 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler reported the list_del() corruption splat in gtp_net_exit_batch_rtnl(). [0] Commit eb28fd76c0a0 ("gtp: Destroy device along with u | |
| CVE-2025-21864 | Med | 5.5 | < 1-3.1 | 1-3.1 | Mar 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to: - create a pair of netns - run a basic TCP test ove | |
| CVE-2025-21862 | Med | 5.5 | < 1-3.1 | 1-3.1 | Mar 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU#1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .owne | |
| CVE-2025-21859 | Med | 5.5 | < 1-3.1 | 1-3.1 | Mar 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to f_midi_transmit, causing a deadlock. Fix it by using queue_wor |
- CVE-2025-22115Apr 16, 2025affected < 2-3.1fixed 2-3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat
- CVE-2025-21999Apr 3, 2025affected < 5-3.1fixed 5-3.1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
- CVE-2025-21892Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace [1]. During recovery, before t
- CVE-2025-21891Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: ipvlan: ensure network headers are in skb linear part syzbot found that ipvlan_process_v6_outbound() was assuming the IPv6 network header isis present in skb->head [1] Add the needed pskb_network_may_pull() ca
- CVE-2025-21890Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpf_rx_rsc() idpf_rx_rsc() uses skb_transport_offset(skb) while the transport header is not set yet. This triggers the following warning for CONFIG_DEBUG_NET=y builds. DEBUG_NET_WA
- CVE-2025-21888Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. In the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code incorrectly
- CVE-2025-21886Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroy_unused_implicit_child_mr() to prevent hanging during parent deregistration as of below [1]. Upon entering destroy_unused_implicit_child
- CVE-2025-21885Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers While using nvme target with use_srq on, below kernel panic is noticed. [ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg of
- CVE-2025-21883Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Repro
- CVE-2025-21878Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devm_request_irq The customer reports that there is a soft lockup issue related to the i2c driver. After checking, the i2c module was doing a tx transfer and the b
- CVE-2025-21877Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelink_bind() Syzbot reports [1] a warning in usb_submit_urb() triggered by inconsistencies between expected and actually present endpoints in gl620a driver. Since gen
- CVE-2025-21876Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix suspicious RCU usage Commit ("iommu/vt-d: Allocate DMAR fault interrupts locally") moved the call to enable_drhd_fault_handling() to a code path that does not hold any lock while
- CVE-2025-21871Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing an OP-TEE RPC call. It becomes more complicated wh
- CVE-2025-21870Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name (sname) as the ALH copier and in that case the copier->data is NULL, no alh_data
- CVE-2025-21869Mar 27, 2025affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II (power9) with kernel 6.13: [ 12.028126] =======================================
- affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex
- affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler reported the list_del() corruption splat in gtp_net_exit_batch_rtnl(). [0] Commit eb28fd76c0a0 ("gtp: Destroy device along with u
- affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to: - create a pair of netns - run a basic TCP test ove
- affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU#1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .owne
- affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to f_midi_transmit, causing a deadlock. Fix it by using queue_wor
Page 4 of 17