VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_13&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (109)

  • CVE-2025-38678Sep 3, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is possible. Unfortunately, netdev event path only removes the first device that is fo

  • CVE-2025-38644Aug 22, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before associati

  • CVE-2025-38616Aug 22, 2025
    affected < 8-150600.2.1fixed 8-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i

  • CVE-2025-38566Aug 19, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tls_alert_recv() due to its assumption it can read data from the msg iterator's kvec.. kTLS implemen

  • CVE-2025-38555Aug 19, 2025
    affected < 4-150600.2.2fixed 4-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in composite_dev_cleanup() 1. In func configfs_composite_bind() -> composite_os_desc_req_prepare(): if kmalloc fails, the pointer cdev->os_desc_req will be freed but not set to

  • CVE-2025-38500Aug 12, 2025
    affected < 8-150600.2.1fixed 8-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in

  • CVE-2025-38499MedAug 11, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be

  • CVE-2025-38498MedJul 30, 2025
    affected < 4-150600.2.2fixed 4-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

  • CVE-2025-38477MedJul 28, 2025
    affected < 5-150600.2.1fixed 5-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, q

  • CVE-2025-38471HigJul 28, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if

  • CVE-2025-38495Jul 28, 2025
    affected < 2-150600.2.1fixed 2-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated b

  • CVE-2025-38494Jul 28, 2025
    affected < 2-150600.2.1fixed 2-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those

  • CVE-2025-38396Jul 25, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create anonymous inodes with proper security context. This replaces the c

  • CVE-2025-38212HigJul 4, 2025
    affected < 3-150600.2.1fixed 3-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i

  • CVE-2025-38206Jul 4, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre

  • CVE-2025-38083MedJun 20, 2025
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU

  • CVE-2025-38079HigJun 18, 2025
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

  • CVE-2025-38081Jun 18, 2025
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: spi-rockchip: Fix register out of bounds access Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbered much higher than native CS. Also, it makes no sense.

  • CVE-2025-38080Jun 18, 2025
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase block_sequence array size [Why] It's possible to generate more than 50 steps in hwss_build_fast_sequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This over

  • CVE-2025-38078Jun 18, 2025
    affected < 1-150600.1.5.1fixed 1-150600.1.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization (or reconfiguration) of a stream with the explicit call of snd_pcm_forma

Page 1 of 6