rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_0&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (91)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-38495		—	< 20-150600.3.1	20-150600.3.1	Jul 28, 2025	In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated b
CVE-2025-38494		—	< 20-150600.3.1	20-150600.3.1	Jul 28, 2025	In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those
CVE-2025-38212	Hig	7.8	< 21-150600.3.1	21-150600.3.1	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i
CVE-2025-38087		—	< 21-150600.3.1	21-150600.3.1	Jun 30, 2025	In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding
CVE-2025-38083	Med	4.7	< 20-150600.3.1	20-150600.3.1	Jun 20, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU
CVE-2025-38079	Hig	7.8	< 20-150600.3.1	20-150600.3.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
CVE-2025-38001		—	< 21-150600.3.1	21-150600.3.1	Jun 6, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,
CVE-2025-38000		—	< 21-150600.3.1	21-150600.3.1	Jun 6, 2025	In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and
CVE-2025-37890		—	< 21-150600.3.1	21-150600.3.1	May 16, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2025-37797		—	< 19-150600.3.1	19-150600.3.1	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
CVE-2025-37752		—	< 19-150600.3.1	19-150600.3.1	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
CVE-2025-22115		—	< 18-150600.3.1	18-150600.3.1	Apr 16, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat
CVE-2025-21999		—	< 21-150600.3.1	21-150600.3.1	Apr 3, 2025	In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
CVE-2025-21772	Hig	7.8	< 18-150600.3.1	18-150600.3.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2024-57996	Med	5.5	< 16-150600.3.1	16-150600.3.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe
CVE-2024-58013		—	< 16-150600.3.1	16-150600.3.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free
CVE-2025-21702	Hig	7.8	< 19-150600.3.1	19-150600.3.1	Feb 18, 2025	In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
CVE-2025-21701	Med	4.7	< 21-150600.3.1	21-150600.3.1	Feb 13, 2025	In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic
CVE-2025-21680		—	< 16-150600.3.1	16-150600.3.1	Jan 31, 2025	In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amount of imix entries leads to invalid access to the pkt_dev->imix_entries array because of the incorrect boundary check. UBSAN: arr
CVE-2025-21659		—	< 21-150600.3.1	21-150600.3.1	Jan 21, 2025	In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the

CVE-2025-38495Jul 28, 2025
affected < 20-150600.3.1fixed 20-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated b
CVE-2025-38494Jul 28, 2025
affected < 20-150600.3.1fixed 20-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those
CVE-2025-38212HigJul 4, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i
CVE-2025-38087Jun 30, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding
CVE-2025-38083MedJun 20, 2025
affected < 20-150600.3.1fixed 20-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU
CVE-2025-38079HigJun 18, 2025
affected < 20-150600.3.1fixed 20-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
CVE-2025-38001Jun 6, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,
CVE-2025-38000Jun 6, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and
CVE-2025-37890May 16, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2025-37797May 2, 2025
affected < 19-150600.3.1fixed 19-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
CVE-2025-37752May 1, 2025
affected < 19-150600.3.1fixed 19-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
CVE-2025-22115Apr 16, 2025
affected < 18-150600.3.1fixed 18-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat
CVE-2025-21999Apr 3, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
CVE-2025-21772HigFeb 27, 2025
affected < 18-150600.3.1fixed 18-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2024-57996MedFeb 27, 2025
affected < 16-150600.3.1fixed 16-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe
CVE-2024-58013Feb 27, 2025
affected < 16-150600.3.1fixed 16-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free
CVE-2025-21702HigFeb 18, 2025
affected < 19-150600.3.1fixed 19-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
CVE-2025-21701MedFeb 13, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic
CVE-2025-21680Jan 31, 2025
affected < 16-150600.3.1fixed 16-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amount of imix entries leads to invalid access to the pkt_dev->imix_entries array because of the incorrect boundary check. UBSAN: arr
CVE-2025-21659Jan 21, 2025
affected < 21-150600.3.1fixed 21-150600.3.1
In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the

Page 1 of 5