rpm package

suse/kernel-livepatch-SLE15-SP4_Update_32&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_32&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (66)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-50252		—	< 18-150400.4.1	18-150400.4.1	Sep 15, 2025	In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v
CVE-2025-38678		—	< 17-150400.2.1	17-150400.2.1	Sep 3, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is possible. Unfortunately, netdev event path only removes the first device that is fo
CVE-2025-38664		—	< 18-150400.4.1	18-150400.4.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.
CVE-2025-38644		—	< 17-150400.2.1	17-150400.2.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before associati
CVE-2025-38618		—	< 18-150400.4.1	18-150400.4.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac
CVE-2025-38617		—	< 18-150400.4.1	18-150400.4.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a
CVE-2025-38555		—	< 15-150400.2.1	15-150400.2.1	Aug 19, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in composite_dev_cleanup() 1. In func configfs_composite_bind() -> composite_os_desc_req_prepare(): if kmalloc fails, the pointer cdev->os_desc_req will be freed but not set to
CVE-2025-38499	Med	5.5	< 17-150400.2.1	17-150400.2.1	Aug 11, 2025	In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be
CVE-2025-38498	Med	5.5	< 15-150400.2.1	15-150400.2.1	Jul 30, 2025	In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w
CVE-2025-38212	Hig	7.8	< 14-150400.2.1	14-150400.2.1	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i
CVE-2025-38206		—	< 17-150400.2.1	17-150400.2.1	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre
CVE-2025-38181		—	< 15-150400.2.1	15-150400.2.1	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_
CVE-2025-38177		—	< 15-150400.2.1	15-150400.2.1	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca
CVE-2025-38001		—	< 14-150400.2.1	14-150400.2.1	Jun 6, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,
CVE-2025-38000		—	< 14-150400.2.1	14-150400.2.1	Jun 6, 2025	In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and
CVE-2025-37890		—	< 14-150400.2.1	14-150400.2.1	May 16, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2025-21999		—	< 14-150400.2.1	14-150400.2.1	Apr 3, 2025	In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
CVE-2025-21971		—	< 17-150400.2.1	17-150400.2.1	Apr 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
CVE-2025-21772	Hig	7.8	< 11-150400.2.1	11-150400.2.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2025-21756	Hig	7.8	< 15-150400.2.1	15-150400.2.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un

CVE-2022-50252Sep 15, 2025
affected < 18-150400.4.1fixed 18-150400.4.1
In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v
CVE-2025-38678Sep 3, 2025
affected < 17-150400.2.1fixed 17-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is possible. Unfortunately, netdev event path only removes the first device that is fo
CVE-2025-38664Aug 22, 2025
affected < 18-150400.4.1fixed 18-150400.4.1
In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.
CVE-2025-38644Aug 22, 2025
affected < 17-150400.2.1fixed 17-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before associati
CVE-2025-38618Aug 22, 2025
affected < 18-150400.4.1fixed 18-150400.4.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac
CVE-2025-38617Aug 22, 2025
affected < 18-150400.4.1fixed 18-150400.4.1
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a
CVE-2025-38555Aug 19, 2025
affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in composite_dev_cleanup() 1. In func configfs_composite_bind() -> composite_os_desc_req_prepare(): if kmalloc fails, the pointer cdev->os_desc_req will be freed but not set to
CVE-2025-38499MedAug 11, 2025
affected < 17-150400.2.1fixed 17-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be
CVE-2025-38498MedJul 30, 2025
affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w
CVE-2025-38212HigJul 4, 2025
affected < 14-150400.2.1fixed 14-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i
CVE-2025-38206Jul 4, 2025
affected < 17-150400.2.1fixed 17-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre
CVE-2025-38181Jul 4, 2025
affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_
CVE-2025-38177Jul 4, 2025
affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca
CVE-2025-38001Jun 6, 2025
affected < 14-150400.2.1fixed 14-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,
CVE-2025-38000Jun 6, 2025
affected < 14-150400.2.1fixed 14-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and
CVE-2025-37890May 16, 2025
affected < 14-150400.2.1fixed 14-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2025-21999Apr 3, 2025
affected < 14-150400.2.1fixed 14-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
CVE-2025-21971Apr 1, 2025
affected < 17-150400.2.1fixed 17-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
CVE-2025-21772HigFeb 27, 2025
affected < 11-150400.2.1fixed 11-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2025-21756HigFeb 27, 2025
affected < 15-150400.2.1fixed 15-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un

Page 1 of 4