VYPR

rpm package

suse/kernel-livepatch-MICRO-6-0-RT_Update_7&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_7&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (137)

  • CVE-2025-21887Mar 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The issue was caused by dput(upper) being called before ovl_dentry_update_reval(), while upper->d_flags was still accessed in ovl_dentry_r

  • CVE-2025-21884Mar 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during pernet_operations->exit(), their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skb_se

  • CVE-2025-21881Mar 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000

  • CVE-2025-21875Mar 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.

  • CVE-2025-21873Mar 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: bsg: Fix crash when arpmb command fails If the device doesn't support arpmb we'll crash due to copying user data in bsg_transport_sg_io_fn(). In the case where ufs_bsg_exec_advanced_rpmb_req()

  • CVE-2025-2312MedMar 25, 2025
    affected < 1-1.3fixed 1-1.3

    A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credenti

  • CVE-2025-21863Mar 12, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode speculation sqe->opcode is used for different tables, make sure we santitise it against speculations.

  • CVE-2025-21836Mar 7, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: reallocate buf lists on upgrade IORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it was created for legacy selected buffer and has been emptied. It violates the requirement tha

  • CVE-2024-58071MedMar 6, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 is a lower of vlan1. This

  • CVE-2025-21806MedFeb 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget

  • CVE-2024-58018Feb 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535_gsp_cmdq_push() waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one availab

  • CVE-2025-21729Feb 27, 2025
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion The rtwdev->scanning flag isn't protected by mutex originally, so cancel_hw_scan can pass the condition, but suddenly hw_scan completion unset

  • CVE-2025-21702HigFeb 18, 2025
    affected < 3-1.3fixed 3-1.3

    In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one

  • CVE-2024-53139Dec 4, 2024
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: sctp: fix possible UAF in sctp_v6_available() A lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints that sctp_v6_available() is calling dev_get_by_index_rcu() and ipv6_chk_addr() without holding rcu. [1] ==

  • CVE-2024-53124MedDec 2, 2024
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules

  • CVE-2024-50038Oct 21, 2024
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_tab

  • CVE-2024-27415May 17, 2024
    affected < 1-1.3fixed 1-1.3

    In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)

Page 7 of 7