rpm package
suse/kernel-livepatch-SLE15-SP5_Update_27&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (218)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49762 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTR_RECORDs Kernel iterates over ATTR_RECORDs in mft record in ntfs_attr_find(). Because the ATTR_RECORDs are next to each other, kernel can get the next ATTR_RECORD from e | ||
| CVE-2025-37789 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first. | ||
| CVE-2025-23145 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a | ||
| CVE-2025-37785 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Apr 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir | ||
| CVE-2025-22056 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence | ||
| CVE-2025-21999 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc | ||
| CVE-2025-21738 | — | < 14-150500.2.1 | 14-150500.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com | ||
| CVE-2025-21701 | Med | 4.7 | < 4-150500.2.1 | 4-150500.2.1 | Feb 13, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic | |
| CVE-2024-56558 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to | ||
| CVE-2024-53168 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID | ||
| CVE-2024-53164 | — | < 8-150500.4.1 | 8-150500.4.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t | ||
| CVE-2024-53141 | — | < 9-150500.2.1 | 9-150500.2.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f | ||
| CVE-2024-26804 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr | ||
| CVE-2023-1990 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Apr 12, 2023 | A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem. | ||
| CVE-2023-28866 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Mar 27, 2023 | In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. | ||
| CVE-2022-3640 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Oct 21, 2022 | A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. | ||
| CVE-2022-3619 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Oct 20, 2022 | A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to | ||
| CVE-2022-3564 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | Oct 17, 2022 | A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to |
- CVE-2022-49762May 1, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTR_RECORDs Kernel iterates over ATTR_RECORDs in mft record in ntfs_attr_find(). Because the ATTR_RECORDs are next to each other, kernel can get the next ATTR_RECORD from e
- CVE-2025-37789May 1, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.
- CVE-2025-23145May 1, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a
- CVE-2025-37785Apr 18, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir
- CVE-2025-22056Apr 16, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence
- CVE-2025-21999Apr 3, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
- CVE-2025-21738Feb 27, 2025affected < 14-150500.2.1fixed 14-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com
- affected < 4-150500.2.1fixed 4-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic
- CVE-2024-56558Dec 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show The function `e_show` was called with protection from RCU. This only ensures that `exp` will not be freed. Therefore, the reference count for `exp` can drop to
- CVE-2024-53168Dec 27, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
- CVE-2024-53164Dec 27, 2024affected < 8-150500.4.1fixed 8-150500.4.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t
- CVE-2024-53141Dec 6, 2024affected < 9-150500.2.1fixed 9-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f
- CVE-2024-26804Apr 4, 2024affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr
- CVE-2023-1990Apr 12, 2023affected < 1-150500.11.7.1fixed 1-150500.11.7.1
A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.
- CVE-2023-28866Mar 27, 2023affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.
- CVE-2022-3640Oct 21, 2022affected < 1-150500.11.7.1fixed 1-150500.11.7.1
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue.
- CVE-2022-3619Oct 20, 2022affected < 1-150500.11.7.1fixed 1-150500.11.7.1
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to
- CVE-2022-3564Oct 17, 2022affected < 1-150500.11.7.1fixed 1-150500.11.7.1
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to
Page 11 of 11