VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_63&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_63&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (41)

  • CVE-2025-40082Oct 28, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290

  • CVE-2025-40018Oct 24, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr

  • CVE-2023-53722Oct 22, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows

  • CVE-2023-53705Oct 22, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri

  • CVE-2022-50574Oct 22, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: drm/omap: dss: Fix refcount leak bugs In dss_init_ports() and __dss_uninit_ports(), we should call of_node_put() for the reference returned by of_graph_get_port_by_id() in fail path or when it is not used anymo

  • CVE-2022-50563Oct 22, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in run_timer_softirq() When dm_resume() and dm_destroy() are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in __run_timers+0x173/0x710 Write of size 8 at addr ffff8

  • CVE-2025-39973Oct 15, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu

  • CVE-2025-39968Oct 15, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request. Add it.

  • CVE-2023-53673HigOct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection failed. ISO, L2CAP and SCO connections refer to the hci_conn without hci_conn_

  • CVE-2022-50549Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata Following concurrent processes: P1(drop cache) P2(kworker) drop_caches_sysctl_handler drop_slab shrink_slab

  • CVE-2022-50546Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: ===================================================== BUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/ino

  • CVE-2022-50544Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array for stream_info ->stream_ctx_array with xhci_alloc_stream_ctx(). When some error oc

  • CVE-2023-53619Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th

  • CVE-2022-50534Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t

  • CVE-2022-50532Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas

  • CVE-2022-50516Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k

  • CVE-2022-50513Oct 7, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly r

  • CVE-2022-50493MedOct 4, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta

  • CVE-2022-50504Oct 4, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill

  • CVE-2022-50496Oct 4, 2025
    affected < 1-150300.7.5.2fixed 1-150300.7.5.2

    In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy().

Page 1 of 3