VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_40&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_40&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (46)

  • CVE-2025-38352HigKEVJul 22, 2025
    affected < 13-150400.2.1fixed 13-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be

  • CVE-2025-38212HigJul 4, 2025
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i

  • CVE-2025-38181MedJul 4, 2025
    affected < 6-150400.2.1fixed 6-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_

  • CVE-2025-38177MedJul 4, 2025
    affected < 6-150400.2.1fixed 6-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca

  • CVE-2025-38111HigJul 3, 2025
    affected < 13-150400.2.1fixed 13-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of

  • CVE-2025-38001MedJun 6, 2025
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

  • CVE-2025-38000HigJun 6, 2025
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

  • CVE-2025-37890HigMay 16, 2025
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs

  • CVE-2021-47671LowApr 17, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previo

  • CVE-2025-22097HigApr 16, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it.

  • CVE-2025-22055MedApr 16, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink

  • CVE-2025-22045MedApr 16, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the following path, flush_tlb_range() can be used for zapping normal PMD entries (PMD entries that point to page tables) together with the PTE

  • CVE-2025-22020HigApr 16, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt

  • CVE-2025-22004HigApr 3, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

  • CVE-2025-21999HigApr 3, 2025
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc

  • CVE-2022-49741MedMar 27, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: fix error handling code in ufx_usb_probe The current error handling code in ufx_usb_probe have many unmatching issues, e.g., missing ufx_free_usb_list, destroy_modedb label should only include f

  • CVE-2025-21886MedMar 27, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroy_unused_implicit_child_mr() to prevent hanging during parent deregistration as of below [1]. Upon entering destroy_unused_implicit_child

  • CVE-2025-21812HigFeb 27, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible cir

  • CVE-2025-21791HigFeb 27, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou

  • CVE-2025-21785HigFeb 27, 2025
    affected < 1-150400.9.3.1fixed 1-150400.9.3.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate