rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_11&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (351)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22107 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actu | ||
| CVE-2025-22106 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3_reset_work() code path as vmxnet3_rq_destroy() is not invoked in this code path. So, we get below messa | ||
| CVE-2025-22105 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning[1]: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link se | ||
| CVE-2025-22104 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of | ||
| CVE-2025-22103 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdev_l3_rcv When delete l3s ipvlan: ip link del link eth0 ipvlan1 type ipvlan mode l3s This may cause a null pointer dereference: Call trace: ip_rcv_finish | ||
| CVE-2025-22102 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip | ||
| CVE-2025-22097 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it. | ||
| CVE-2025-22095 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PC | ||
| CVE-2025-22093 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. However, it will be dereferenced in dmub_hw_lock_mgr | ||
| CVE-2025-22090 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the maple tree. As fork() fails, we'll cleanup the maple tree, and stumble over | ||
| CVE-2025-22089 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f432a521a ("RDMA/core: Split port and device counter sysfs attributes") accidentally almost exposed hw counters to non-init net namesp | ||
| CVE-2025-22088 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue. | ||
| CVE-2025-22086 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu | ||
| CVE-2025-22080 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdr_first_de() The "de_off" and "used" variables come from the disk so they both need to check. The problem is that on 32bit systems if they're both greater than UINT_MAX | ||
| CVE-2025-22075 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but th | ||
| CVE-2025-22070 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx pare | ||
| CVE-2025-22066 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereferen | ||
| CVE-2025-22065 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via idpf_shutdown() and then again when idpf_remove() calls into sriov_disable(), be | ||
| CVE-2025-22064 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registere | ||
| CVE-2025-22063 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu |
- CVE-2025-22107Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actu
- CVE-2025-22106Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3_reset_work() code path as vmxnet3_rq_destroy() is not invoked in this code path. So, we get below messa
- CVE-2025-22105Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning[1]: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link se
- CVE-2025-22104Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of
- CVE-2025-22103Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdev_l3_rcv When delete l3s ipvlan: ip link del link eth0 ipvlan1 type ipvlan mode l3s This may cause a null pointer dereference: Call trace: ip_rcv_finish
- CVE-2025-22102Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip
- CVE-2025-22097Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it.
- CVE-2025-22095Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PC
- CVE-2025-22093Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. However, it will be dereferenced in dmub_hw_lock_mgr
- CVE-2025-22090Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the maple tree. As fork() fails, we'll cleanup the maple tree, and stumble over
- CVE-2025-22089Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f432a521a ("RDMA/core: Split port and device counter sysfs attributes") accidentally almost exposed hw counters to non-init net namesp
- CVE-2025-22088Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue.
- CVE-2025-22086Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu
- CVE-2025-22080Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdr_first_de() The "de_off" and "used" variables come from the disk so they both need to check. The problem is that on 32bit systems if they're both greater than UINT_MAX
- CVE-2025-22075Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but th
- CVE-2025-22070Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx pare
- CVE-2025-22066Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereferen
- CVE-2025-22065Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via idpf_shutdown() and then again when idpf_remove() calls into sriov_disable(), be
- CVE-2025-22064Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registere
- CVE-2025-22063Apr 16, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu
Page 10 of 18