VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_11&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (351)

  • CVE-2025-22062Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for

  • CVE-2025-22060Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly acce

  • CVE-2025-22058Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional

  • CVE-2025-22057Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dst_release Upstream fix ac888d58869b ("net: do not delay dst_entries_add() in dst_release()") moved decrementing the dst count from dst_destroy to dst_release to avoid acce

  • CVE-2025-22056Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence

  • CVE-2025-22055Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink

  • CVE-2025-22053Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make veth_pool_store stop hanging v2: - Created a single error handling unlock and exit in veth_pool_store - Greatly expanded commit message with previous explanatory-only text Summary: Use rtnl_

  • CVE-2025-22050Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. This incons

  • CVE-2025-22045Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the following path, flush_tlb_range() can be used for zapping normal PMD entries (PMD entries that point to page tables) together with the PTE

  • CVE-2025-22044Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl Syzkaller has reported a warning in to_nfit_bus_uuid(): "only secondary bus families can be translated". This warning is emited if the argument is equal to

  • CVE-2025-22036Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after get_block When get_block is called with a buffer_head allocated on the stack, such as do_mpage_readpage, stack corruption due to buffer_head UAF may occur in the followi

  • CVE-2025-22033Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in do_compat_alignment_fixup() do_alignment_t32_to_handler() only fixes up alignment faults for specific instructions; it returns NULL otherwise (e.g. LDREX). When that's the case, signal

  • CVE-2025-22030Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_l

  • CVE-2025-22027Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function ir_raw_event_store_with_filter(). This crash is caused by a NULL pointer de

  • CVE-2025-22025Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: nfsd: put dl_stid if fail to queue dl_recall Before calling nfsd4_run_cb to queue dl_recall to the callback_wq, we increment the reference count of dl_stid. We expect that after the corresponding work_struct is

  • CVE-2024-58095Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before txBeginAnon() call Added a read-only check before calling `txBeginAnon` in `extAlloc` and `extRecord`. This prevents modification attempts on a read-only mounted filesystem, avoi

  • CVE-2024-58094Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the `jfs_truncate_nolock` function to avoid errors related to writing to a read-only filesystem. Call s

  • CVE-2024-58093Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free"), we would free the ASPM link only after the l

  • CVE-2023-53034Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and size. This would make xlate_pos negative. [ 23.734156] switcht

  • CVE-2025-22021Apr 16, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket (if any).

Page 11 of 18