rpm package
suse/kernel-livepatch-SLE15-SP5_Update_22&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_22&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (114)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38083 | Med | 4.7 | < 9-150500.2.1 | 9-150500.2.1 | Jun 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU | |
| CVE-2025-38079 | Hig | 7.8 | < 9-150500.2.1 | 9-150500.2.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea | |
| CVE-2025-37797 | — | < 8-150500.2.1 | 8-150500.2.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc | ||
| CVE-2025-37752 | — | < 8-150500.2.1 | 8-150500.2.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c | ||
| CVE-2025-21971 | — | < 13-150500.2.1 | 13-150500.2.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe | ||
| CVE-2025-21772 | Hig | 7.8 | < 7-150500.2.1 | 7-150500.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede | |
| CVE-2025-21791 | — | < 12-150500.2.1 | 12-150500.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou | ||
| CVE-2024-57996 | Med | 5.5 | < 5-150500.2.2 | 5-150500.2.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe | |
| CVE-2024-58013 | — | < 5-150500.2.2 | 5-150500.2.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free | ||
| CVE-2022-49080 | — | < 5-150500.2.2 | 5-150500.2.2 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized | ||
| CVE-2025-21702 | Hig | 7.8 | < 8-150500.2.1 | 8-150500.2.1 | Feb 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one | |
| CVE-2025-21692 | Hig | 7.8 | < 12-150500.2.1 | 12-150500.2.1 | Feb 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo | |
| CVE-2024-57893 | — | < 7-150500.2.1 | 7-150500.2.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal | ||
| CVE-2024-57849 | — | < 17-150500.2.1 | 17-150500.2.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP | ||
| CVE-2024-57793 | — | < 7-150500.2.1 | 7-150500.2.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possible for the untrusted host to cause set_memory_decrypted() to fail such that an error is returned and the resulting mem | ||
| CVE-2022-49035 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | Jan 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. | ||
| CVE-2024-56755 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situa | ||
| CVE-2024-56664 | — | < 8-150500.2.1 | 8-150500.2.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona | ||
| CVE-2024-56619 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access | ||
| CVE-2024-56605 | — | < 1-150500.11.3.1 | 1-150500.11.3.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o |
- affected < 9-150500.2.1fixed 9-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU
- affected < 9-150500.2.1fixed 9-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
- CVE-2025-37797May 2, 2025affected < 8-150500.2.1fixed 8-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
- CVE-2025-37752May 1, 2025affected < 8-150500.2.1fixed 8-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
- CVE-2025-21971Apr 1, 2025affected < 13-150500.2.1fixed 13-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
- affected < 7-150500.2.1fixed 7-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
- CVE-2025-21791Feb 27, 2025affected < 12-150500.2.1fixed 12-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou
- affected < 5-150500.2.2fixed 5-150500.2.2
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe
- CVE-2024-58013Feb 27, 2025affected < 5-150500.2.2fixed 5-150500.2.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free
- CVE-2022-49080Feb 26, 2025affected < 5-150500.2.2fixed 5-150500.2.2
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized
- affected < 8-150500.2.1fixed 8-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
- affected < 12-150500.2.1fixed 12-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo
- CVE-2024-57893Jan 15, 2025affected < 7-150500.2.1fixed 7-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores the data in the internal
- CVE-2024-57849Jan 11, 2025affected < 17-150500.2.1fixed 17-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP
- CVE-2024-57793Jan 11, 2025affected < 7-150500.2.1fixed 7-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possible for the untrusted host to cause set_memory_decrypted() to fail such that an error is returned and the resulting mem
- CVE-2022-49035Jan 2, 2025affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case.
- CVE-2024-56755Dec 29, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situa
- CVE-2024-56664Dec 27, 2024affected < 8-150500.2.1fixed 8-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race with socket's close() link popping & unlinking. __sock_map_delete() unconditiona
- CVE-2024-56619Dec 27, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access
- CVE-2024-56605Dec 27, 2024affected < 1-150500.11.3.1fixed 1-150500.11.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o
Page 2 of 6