rpm package

suse/kernel-livepatch-SLE15-SP5_Update_30&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_30&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (54)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-38177		—	< 1-150500.11.5.1	1-150500.11.5.1	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca
CVE-2025-38111	Hig	7.1	< 6-150500.2.1	6-150500.2.1	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of
CVE-2025-38120		—	< 1-150500.11.5.1	1-150500.11.5.1	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early
CVE-2025-38088		—	< 1-150500.11.5.1	1-150500.11.5.1	Jun 30, 2025	In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the
CVE-2022-50116		—	< 1-150500.11.5.1	1-150500.11.5.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. T
CVE-2022-49980		—	< 1-150500.11.5.1	1-150500.11.5.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------
CVE-2023-53117		—	< 1-150500.11.5.1	1-150500.11.5.1	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369
CVE-2025-37798		—	< 1-150500.11.5.1	1-150500.11.5.1	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi
CVE-2025-21971		—	< 1-150500.11.5.1	1-150500.11.5.1	Apr 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
CVE-2025-21701	Med	4.7	< 1-150500.11.5.1	1-150500.11.5.1	Feb 13, 2025	In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic
CVE-2024-57947		—	< 1-150500.11.5.1	1-150500.11.5.1	Jan 23, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
CVE-2024-53177		—	< 1-150500.11.5.1	1-150500.11.5.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in
CVE-2024-53093		—	< 1-150500.11.5.1	1-150500.11.5.1	Nov 21, 2024	In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes availa
CVE-2024-42265	Med	5.5	< 1-150500.11.5.1	1-150500.11.5.1	Aug 17, 2024	In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec

CVE-2025-38177Jul 4, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca
CVE-2025-38111HigJul 3, 2025
affected < 6-150500.2.1fixed 6-150500.2.1
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of
CVE-2025-38120Jul 3, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early
CVE-2025-38088Jun 30, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the
CVE-2022-50116Jun 18, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. T
CVE-2022-49980Jun 18, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------
CVE-2023-53117May 2, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369
CVE-2025-37798May 2, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi
CVE-2025-21971Apr 1, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
CVE-2025-21701MedFeb 13, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic
CVE-2024-57947Jan 23, 2025
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
CVE-2024-53177Dec 27, 2024
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in
CVE-2024-53093Nov 21, 2024
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes availa
CVE-2024-42265MedAug 17, 2024
affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec

Page 3 of 3