rpm package
suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (383)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40019 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption. | ||
| CVE-2025-39977 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule() | ||
| CVE-2023-53418 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, j | ||
| CVE-2023-53417 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: sl811: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debug | ||
| CVE-2023-53412 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, j | ||
| CVE-2023-53407 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, ju | ||
| CVE-2023-53254 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels The cacheinfo sets up the shared_cpu_map by checking whether the caches with the same index are shared between CPUs. However, this will | ||
| CVE-2023-53215 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in set_task_cpu() like below: ----------- | ||
| CVE-2023-53178 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, where a swapped out page gets swapped in with data that was written to a different | ||
| CVE-2025-40300 | Med | 5.5 | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already | |
| CVE-2025-38684 | Med | 5.5 | < 1-150400.9.7.1 | 1-150400.9.7.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify() after recent changes from Lion [2]. The problem is: in ets_qdisc_change() | |
| CVE-2025-38565 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed refere | ||
| CVE-2025-38563 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap()'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first | ||
| CVE-2025-38375 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. | ||
| CVE-2024-36357 | Med | 5.6 | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries. | |
| CVE-2024-36350 | Med | 5.6 | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. | |
| CVE-2024-36349 | Low | 3.8 | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage. | |
| CVE-2024-36348 | Low | 3.8 | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 8, 2025 | A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage. | |
| CVE-2025-38159 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], ¶[1])', which reads 5 bytes: | ||
| CVE-2025-38129 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of |
- CVE-2025-40019Oct 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.
- CVE-2025-39977Oct 15, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule()
- CVE-2023-53418Sep 18, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, j
- CVE-2023-53417Sep 18, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: USB: sl811: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debug
- CVE-2023-53412Sep 18, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, j
- CVE-2023-53407Sep 18, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, ju
- CVE-2023-53254Sep 15, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels The cacheinfo sets up the shared_cpu_map by checking whether the caches with the same index are shared between CPUs. However, this will
- CVE-2023-53215Sep 15, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in set_task_cpu() like below: -----------
- CVE-2023-53178Sep 15, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption, where a swapped out page gets swapped in with data that was written to a different
- affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already
- affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify() after recent changes from Lion [2]. The problem is: in ets_qdisc_change()
- CVE-2025-38565Aug 19, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed refere
- CVE-2025-38563Aug 19, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap()'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first
- CVE-2025-38375Jul 25, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring, we forget to check the received length with the true allocate size.
- affected < 1-150400.9.7.1fixed 1-150400.9.7.1
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
- affected < 1-150400.9.7.1fixed 1-150400.9.7.1
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
- affected < 1-150400.9.7.1fixed 1-150400.9.7.1
A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.
- affected < 1-150400.9.7.1fixed 1-150400.9.7.1
A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.
- CVE-2025-38159Jul 3, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], ¶[1])', which reads 5 bytes:
- CVE-2025-38129Jul 3, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of
Page 18 of 20