VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_11&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (351)

  • CVE-2025-37983May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: qibfs: fix _another_ leak failure to allocate inode => leaked dentry... this one had been there since the initial merge; to be fair, if we are that far OOM, the odds of failing at that particular allocation ar

  • CVE-2025-37982May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251_tx_work The skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails with a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.

  • CVE-2025-37979May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix sc7280 lpass potential buffer overflow Case values introduced in commit 5f78e1fb7a3e ("ASoC: qcom: Add driver support for audioreach solution") cause out of bounds access in arrays of sc7280 dri

  • CVE-2025-37978May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: block: integrity: Do not call set_page_dirty_lock() Placing multiple protection information buffers inside the same page can lead to oopses because set_page_dirty_lock() can't be called from interrupt context.

  • CVE-2025-37974May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpci_create_device() error return The zpci_create_device() function returns an error pointer that needs to be checked before dereferencing it as a struct zpci_dev pointer. Add th

  • CVE-2025-37972May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: Input: mtk-pmic-keys - fix possible null pointer dereference In mtk_pmic_keys_probe, the regs parameter is only set if the button is parsed in the device tree. However, on hardware where the button is left floa

  • CVE-2025-37970May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo Prevent st_lsm6dsx_read_fifo from falling in an infinite loop in case pattern_len is equal to zero and the device FIFO is not empty.

  • CVE-2025-37969May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo Prevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in case pattern_len is equal to zero and the device FIFO is not empt

  • CVE-2025-37931MedMay 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not wr

  • CVE-2025-37963May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In

  • CVE-2025-37960May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: memblock: Accept allocated memory before use in memblock_double_array() When increasing the array size in memblock_double_array() and the slab is not yet available, a call to memblock_find_in_range() is used to

  • CVE-2025-37959May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Scrub packet on bpf_redirect_peer When bpf_redirect_peer is used to redirect packets to a device in another network namespace, the skb isn't scrubbed. That can lead skb information from one namespace to be

  • CVE-2025-37958May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate

  • CVE-2025-37957May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f ("KVM: x86: forcibly leave nested mode on vCPU reset") addressed an issue where a triple fault occurring in nested mode

  • CVE-2025-37954May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in open_cached_dir with lease breaks A pre-existing valid cfid returned from find_or_create_cached_dir might race with a lease break, meaning open_cached_dir doesn't consider it valid, a

  • CVE-2025-37953May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres

  • CVE-2025-37951May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the reset was skipped When a CL/CSD job times out, we check if the GPU has made any progress since the last timeout. If so, instead of resetting the hardware, we skip the res

  • CVE-2025-37949May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:__wake_up_common+0x4c/

  • CVE-2025-37948May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program

  • CVE-2025-37944May 20, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Currently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry to fetch the next entry from the destination ring. This is incor

Page 2 of 18