rpm package

suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE Linux Micro 6.1

pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.1

Vulnerabilities (335)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-21858	Hig	7.8	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after-free in geneve_find_dev() [0] without repro. geneve_configure() links struct geneve_dev.next to net_generic(net, geneve_net_id)->
CVE-2025-21848	Med	5.5	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
CVE-2025-21846	Med	5.5	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This c
CVE-2025-21844	Med	5.5	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereferen
CVE-2025-21866		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vma
CVE-2025-21861		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new foli
CVE-2025-21857		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can return 1 if the allocation succeeded after wrapping. This was treated as an er
CVE-2025-21856		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release() in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees
CVE-2025-21855		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb m
CVE-2025-21850		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when
CVE-2025-21847		—	< 1-3.1	1-3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The nullity of sps->cstream should be checked similarly as it is done in sof_set_stream_data_offset() function. Assuming that it is not NUL
CVE-2025-21835	Med	5.5	< 1-3.1	1-3.1	Mar 7, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and
CVE-2025-21838		—	< 1-3.1	1-3.1	Mar 7, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal device_del() can lead to new work being scheduled in gadget->work workqueue. This is observed, for example, with the dwc3 driver with the following
CVE-2024-58085	Med	5.5	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), for one can write a very very long line without new line character. To fix this w
CVE-2024-58086		—	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor (`v3d->active_perfmon`) is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction
CVE-2025-21832		—	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: block: don't revert iter for -EIOCBQUEUED blkdev_read_iter() has a few odd checks, like gating the position and count adjustment on whether or not the result is bigger-than-or-equal to zero (where bigger than m
CVE-2025-21831		—	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 commit 9d26d3a8f1b0 ("PCI: Put PCIe ports into D3 during suspend") sets the policy that all PCIe ports are allowed to use D3. When the system is
CVE-2024-58072	Hig	7.8	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Update header file") introduced a global list of private data structures. Later on, commit 26634c4b1868 ("rtlwifi Modify existing bi
CVE-2024-58063	Med	5.5	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init_sw_vars fails, rtl_deinit_core should not be called, specially now that it destr
CVE-2024-58058	Med	5.5	< 1-3.1	1-3.1	Mar 6, 2025	In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL, then dumping tnc tree will access c->zroot.znode which cause null pointer derefe

CVE-2025-21858HigMar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after-free in geneve_find_dev() [0] without repro. geneve_configure() links struct geneve_dev.next to net_generic(net, geneve_net_id)->
CVE-2025-21848MedMar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
CVE-2025-21846MedMar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This c
CVE-2025-21844MedMar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereferen
CVE-2025-21866Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vma
CVE-2025-21861Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new foli
CVE-2025-21857Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can return 1 if the allocation succeeded after wrapping. This was treated as an er
CVE-2025-21856Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release() in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees
CVE-2025-21855Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb m
CVE-2025-21850Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when
CVE-2025-21847Mar 12, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The nullity of sps->cstream should be checked similarly as it is done in sof_set_stream_data_offset() function. Assuming that it is not NUL
CVE-2025-21835MedMar 7, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and
CVE-2025-21838Mar 7, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal device_del() can lead to new work being scheduled in gadget->work workqueue. This is observed, for example, with the dwc3 driver with the following
CVE-2024-58085MedMar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), for one can write a very very long line without new line character. To fix this w
CVE-2024-58086Mar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor (`v3d->active_perfmon`) is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction
CVE-2025-21832Mar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: block: don't revert iter for -EIOCBQUEUED blkdev_read_iter() has a few odd checks, like gating the position and count adjustment on whether or not the result is bigger-than-or-equal to zero (where bigger than m
CVE-2025-21831Mar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 commit 9d26d3a8f1b0 ("PCI: Put PCIe ports into D3 during suspend") sets the policy that all PCIe ports are allowed to use D3. When the system is
CVE-2024-58072HigMar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Update header file") introduced a global list of private data structures. Later on, commit 26634c4b1868 ("rtlwifi Modify existing bi
CVE-2024-58063MedMar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init_sw_vars fails, rtl_deinit_core should not be called, specially now that it destr
CVE-2024-58058MedMar 6, 2025
affected < 1-3.1fixed 1-3.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL, then dumping tnc tree will access c->zroot.znode which cause null pointer derefe

Page 5 of 17