rpm package
suse/kernel-livepatch-SLE15-SP4_Update_46&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_46&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (178)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50485 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad in | ||
| CVE-2022-50484 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, whe | ||
| CVE-2022-50482 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there w | ||
| CVE-2022-50480 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() The break of for_each_available_child_of_node() needs a corresponding of_node_put() when the reference 'child' is not used anymore. Here we do not n | ||
| CVE-2022-50478 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount time". The first patch fixes a bug reported by syzbot, and the second on | ||
| CVE-2022-50475 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs n | ||
| CVE-2022-50472 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey() in atomic context. WARNING: | ||
| CVE-2022-50471 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized (PV) Xen domains: * User process sets up a gntdev mapping | ||
| CVE-2022-50470 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If xHC host is dying or | ||
| CVE-2025-39945 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task The original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(), which does not guarantee that the delayed work item 'delete_task' has fully completed i | ||
| CVE-2023-53500 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decode_session6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when | ||
| CVE-2023-53365 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Sep 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------[ cut he | ||
| CVE-2022-50334 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000 | ||
| CVE-2022-50327 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje | ||
| CVE-2025-39797 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Sep 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI Netlink message, which triggers the kernel function xfrm_alloc_spi(). This function is expected to ensure uniquen | ||
| CVE-2025-39742 | Med | 5.5 | < 1-150400.9.5.1 | 1-150400.9.5.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divi | |
| CVE-2023-52923 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Jan 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle | ||
| CVE-2022-43945 | Hig | 7.5 | < 1-150400.9.5.1 | 1-150400.9.5.1 | Nov 4, 2022 | The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c |
- CVE-2022-50485Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad in
- CVE-2022-50484Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, whe
- CVE-2022-50482Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there w
- CVE-2022-50480Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() The break of for_each_available_child_of_node() needs a corresponding of_node_put() when the reference 'child' is not used anymore. Here we do not n
- CVE-2022-50478Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount time". The first patch fixes a bug reported by syzbot, and the second on
- CVE-2022-50475Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs n
- CVE-2022-50472Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey() in atomic context. WARNING:
- CVE-2022-50471Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized (PV) Xen domains: * User process sets up a gntdev mapping
- CVE-2022-50470Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If xHC host is dying or
- CVE-2025-39945Oct 4, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task The original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(), which does not guarantee that the delayed work item 'delete_task' has fully completed i
- CVE-2023-53500Oct 1, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decode_session6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when
- CVE-2023-53365Sep 17, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------[ cut he
- CVE-2022-50334Sep 15, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000
- CVE-2022-50327Sep 15, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje
- CVE-2025-39797Sep 12, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI Netlink message, which triggers the kernel function xfrm_alloc_spi(). This function is expected to ensure uniquen
- affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divi
- CVE-2023-52923Jan 20, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle
- affected < 1-150400.9.5.1fixed 1-150400.9.5.1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c
Page 9 of 9