VYPR

rpm package

suse/kernel-livepatch-SLE15-SP4_Update_46&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_46&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (183)

  • CVE-2026-46323HigJun 9, 2026
    affected < 9-150400.2.1fixed 9-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFL_MANAGED_FRAG_REFS flag. When SKBFL_

  • CVE-2026-43503HigMay 23, 2026
    affected < 9-150400.2.1fixed 9-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags when m

  • CVE-2026-31694HigMay 1, 2026
    affected < 9-150400.2.1fixed 9-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existi

  • CVE-2026-31504HigApr 22, 2026
    affected < 9-150400.2.1fixed 9-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` has a race window where `NETDEV_UP` can re-register a socket into a fanout group's `arr[]` array. The re-registration is not cleaned

  • CVE-2026-31402CriApr 3, 2026
    affected < 9-150400.2.1fixed 9-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated bas

  • CVE-2026-23268HigMar 18, 2026
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by

  • CVE-2026-23209HigFeb 14, 2026
    affected < 4-150400.2.1fixed 4-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23191HigFeb 14, 2026
    affected < 5-150400.2.1fixed 5-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop

  • CVE-2026-23074HigFeb 4, 2026
    affected < 4-150400.2.1fixed 4-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc

  • CVE-2026-22999HigJan 25, 2026
    affected < 4-150400.2.1fixed 4-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.

  • CVE-2025-71120Jan 14, 2026
    affected < 4-150400.2.1fixed 4-150400.2.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres

  • CVE-2025-40102Oct 30, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpr

  • CVE-2025-40088Oct 30, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() The hfsplus_strcasecmp() logic can trigger the issue: [ 117.317703][ T9855] ================================================================== [ 1

  • CVE-2023-7324Oct 29, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Sanitize possible addl_desc_ptr out-of-bounds accesses in ses_enclosure_data_process().

  • CVE-2025-40044Oct 28, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m

  • CVE-2025-40018Oct 24, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr

  • CVE-2023-53730Oct 22, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabl

  • CVE-2023-53726Oct 22, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c ("arm64: csum: Fix pathological zero-length calls") added an early return for zero-length input, syzkaller has p

  • CVE-2023-53725Oct 22, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 49

  • CVE-2023-53724Oct 22, 2025
    affected < 1-150400.9.5.1fixed 1-150400.9.5.1

    In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(), but adc_enqueue_request() could fail to insert the `req` into queue. We need to check the r

Page 1 of 10