rpm package
suse/kernel-livepatch-SLE15-SP4_Update_36&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_36&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (88)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38001 | — | < 6-150400.2.1 | 6-150400.2.1 | Jun 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed, | ||
| CVE-2025-38000 | — | < 6-150400.2.1 | 6-150400.2.1 | Jun 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and | ||
| CVE-2025-37890 | — | < 6-150400.2.1 | 6-150400.2.1 | May 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs | ||
| CVE-2025-37797 | — | < 4-150400.2.1 | 4-150400.2.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc | ||
| CVE-2025-37752 | — | < 4-150400.2.1 | 4-150400.2.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c | ||
| CVE-2025-23145 | — | < 11-150400.2.1 | 11-150400.2.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a | ||
| CVE-2025-21999 | — | < 6-150400.2.1 | 6-150400.2.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc | ||
| CVE-2025-21772 | Hig | 7.8 | < 3-150400.2.1 | 3-150400.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede | |
| CVE-2025-21756 | Hig | 7.8 | < 7-150400.2.1 | 7-150400.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un | |
| CVE-2024-57996 | Med | 5.5 | < 2-150400.2.2 | 2-150400.2.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe | |
| CVE-2025-21738 | — | < 16-150400.2.2 | 16-150400.2.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com | ||
| CVE-2022-49465 | — | < 3-150400.2.1 | 3-150400.2.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s | ||
| CVE-2022-49080 | — | < 2-150400.2.2 | 2-150400.2.2 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized | ||
| CVE-2022-49053 | — | < 6-150400.2.1 | 6-150400.2.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th | ||
| CVE-2025-21702 | Hig | 7.8 | < 4-150400.2.1 | 4-150400.2.1 | Feb 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one | |
| CVE-2024-57897 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize | ||
| CVE-2024-57893 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal | ||
| CVE-2024-57849 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP | ||
| CVE-2024-57798 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot | ||
| CVE-2024-57792 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is b |
- CVE-2025-38001Jun 6, 2025affected < 6-150400.2.1fixed 6-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,
- CVE-2025-38000Jun 6, 2025affected < 6-150400.2.1fixed 6-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and
- CVE-2025-37890May 16, 2025affected < 6-150400.2.1fixed 6-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
- CVE-2025-37797May 2, 2025affected < 4-150400.2.1fixed 4-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
- CVE-2025-37752May 1, 2025affected < 4-150400.2.1fixed 4-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
- CVE-2025-23145May 1, 2025affected < 11-150400.2.1fixed 11-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a
- CVE-2025-21999Apr 3, 2025affected < 6-150400.2.1fixed 6-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
- affected < 3-150400.2.1fixed 3-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
- affected < 7-150400.2.1fixed 7-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un
- affected < 2-150400.2.2fixed 2-150400.2.2
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe
- CVE-2025-21738Feb 27, 2025affected < 16-150400.2.2fixed 16-150400.2.2
In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com
- CVE-2022-49465Feb 26, 2025affected < 3-150400.2.1fixed 3-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s
- CVE-2022-49080Feb 26, 2025affected < 2-150400.2.2fixed 2-150400.2.2
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized
- CVE-2022-49053Feb 26, 2025affected < 6-150400.2.1fixed 6-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th
- affected < 4-150400.2.1fixed 4-150400.2.1
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
- CVE-2024-57897Jan 15, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finialize
- CVE-2024-57893Jan 15, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
- CVE-2024-57849Jan 11, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP
- CVE-2024-57798Jan 11, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from anot
- CVE-2024-57792Jan 11, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: power: supply: gpio-charger: Fix set charge current limits Fix set charge current limits for devices which allow to set the lowest charge current limit to be greater zero. If requested charge current limit is b
Page 3 of 5