rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_14&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (240)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38062 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie The IOMMU translation for MSI message addresses has been a 2-step process, separated in time: 1) iommu_dma_prepare_msi(): A cookie | ||
| CVE-2025-38061 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() Honour the user given buffer size for the strn_len() calls (otherwise strn_len() will access memory outside of the user given buffer | ||
| CVE-2025-38052 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: | ||
| CVE-2025-38051 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warni | ||
| CVE-2025-38035 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null sk_state_change queue->state_change is set as part of nvmet_tcp_set_queue_sock(), but if the TCP connection isn't established when nvmet_tcp_set_queue_sock() is called then queue-> | ||
| CVE-2025-38034 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref btrfs_prelim_ref() calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref i | ||
| CVE-2025-37984 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large valu | ||
| CVE-2025-37920 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AF_XDP generic RX path Move rx_lock from xsk_socket to xsk_buff_pool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xsk_buff_pool. R | ||
| CVE-2025-37864 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d ("net: dsa: delete dsa_legacy_fdb_add and dsa_legacy_fdb_del"), DSA is written given the assumption th | |
| CVE-2025-37885 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardle | ||
| CVE-2025-37856 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: harden block_group::bg_list against list_del() races As far as I can tell, these calls of list_del_init() on bg_list cannot run concurrently with btrfs_mark_bg_unused() or btrfs_mark_bg_to_reclaim(), as | ||
| CVE-2025-37798 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi | ||
| CVE-2025-23163 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================ [ 1.211571] WARNING: possible re | ||
| CVE-2025-21872 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we (re)map the entire table on each iteration of the loop, adding space as we discover new entries. If t | ||
| CVE-2025-21839 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Mar 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load | ||
| CVE-2024-57947 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Jan 23, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea | ||
| CVE-2024-56742 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed t | ||
| CVE-2024-44963 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | Sep 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() when freeing tree block after error When freeing a tree block, at btrfs_free_tree_block(), if we fail to create a delayed reference we don't deal with the error and just do a BUG_ON(). Th | ||
| CVE-2024-36028 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lock | ||
| CVE-2019-11135 | Med | 6.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. |
- CVE-2025-38062Jun 18, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie The IOMMU translation for MSI message addresses has been a 2-step process, separated in time: 1) iommu_dma_prepare_msi(): A cookie
- CVE-2025-38061Jun 18, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() Honour the user given buffer size for the strn_len() calls (otherwise strn_len() will access memory outside of the user given buffer
- CVE-2025-38052Jun 18, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG:
- CVE-2025-38051Jun 18, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warni
- CVE-2025-38035Jun 18, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null sk_state_change queue->state_change is set as part of nvmet_tcp_set_queue_sock(), but if the TCP connection isn't established when nvmet_tcp_set_queue_sock() is called then queue->
- CVE-2025-38034Jun 18, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref btrfs_prelim_ref() calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref i
- CVE-2025-37984May 20, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large valu
- CVE-2025-37920May 20, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AF_XDP generic RX path Move rx_lock from xsk_socket to xsk_buff_pool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xsk_buff_pool. R
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d ("net: dsa: delete dsa_legacy_fdb_add and dsa_legacy_fdb_del"), DSA is written given the assumption th
- CVE-2025-37885May 9, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardle
- CVE-2025-37856May 9, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: harden block_group::bg_list against list_del() races As far as I can tell, these calls of list_del_init() on bg_list cannot run concurrently with btrfs_mark_bg_unused() or btrfs_mark_bg_to_reclaim(), as
- CVE-2025-37798May 2, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi
- CVE-2025-23163May 1, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================ [ 1.211571] WARNING: possible re
- CVE-2025-21872Mar 27, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we (re)map the entire table on each iteration of the loop, adding space as we discover new entries. If t
- CVE-2025-21839Mar 7, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load
- CVE-2024-57947Jan 23, 2025affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
- CVE-2024-56742Dec 29, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed t
- CVE-2024-44963Sep 4, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() when freeing tree block after error When freeing a tree block, at btrfs_free_tree_block(), if we fail to create a delayed reference we don't deal with the error and just do a BUG_ON(). Th
- CVE-2024-36028May 30, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lock
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Page 12 of 12