VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_37&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_37&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (48)

  • CVE-2025-37890May 16, 2025
    affected < 6-150400.2.1fixed 6-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs

  • CVE-2025-23145May 1, 2025
    affected < 11-150400.2.1fixed 11-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a

  • CVE-2025-21999Apr 3, 2025
    affected < 6-150400.2.1fixed 6-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc

  • CVE-2025-21772HigFeb 27, 2025
    affected < 3-150400.2.1fixed 3-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede

  • CVE-2025-21791Feb 27, 2025
    affected < 8-150400.2.1fixed 8-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou

  • CVE-2024-57996MedFeb 27, 2025
    affected < 2-150400.2.2fixed 2-150400.2.2

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

  • CVE-2025-21738Feb 27, 2025
    affected < 16-150400.2.2fixed 16-150400.2.2

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com

  • CVE-2022-49465Feb 26, 2025
    affected < 3-150400.2.1fixed 3-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s

  • CVE-2022-49080Feb 26, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized

  • CVE-2022-49053Feb 26, 2025
    affected < 6-150400.2.1fixed 6-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th

  • CVE-2025-21699Feb 12, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buf

  • CVE-2025-21692HigFeb 10, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo

  • CVE-2025-21690Feb 10, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preve

  • CVE-2024-57948MedJan 31, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154_if_remove. [1] Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardwar

  • CVE-2024-56605Dec 27, 2024
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o

  • CVE-2024-56558Dec 27, 2024
    affected < 3-150400.2.1fixed 3-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to

  • CVE-2024-56548Dec 27, 2024
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like

  • CVE-2024-56539Dec 27, 2024
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa

  • CVE-2024-53239Dec 27, 2024
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as

  • CVE-2024-53173Dec 27, 2024
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs

Page 2 of 3