VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (344)

  • CVE-2025-38533Aug 16, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wx_rx_buffer structure contained two DMA address fields: 'dma' and 'page_dma'. However, only 'page_dma' was actually initialized and used to program the Rx descrip

  • CVE-2025-38527Aug 16, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileIn

  • CVE-2025-38526Aug 16, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function ice_lag_is_switchdev_running() is being called from outside of the LAG event handler code. This results in the lag->upper_netdev being NULL sometimes. To

  • CVE-2025-38514Aug 16, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AF_RXRPC service socket is opened and bound, but calls are preallocated, then rxrpc_alloc_incoming_call() will oops because the rxrpc_backlo

  • CVE-2025-38488Jul 28, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However

  • CVE-2025-38466MedJul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the re

  • CVE-2025-38465MedJul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk->sk_rmem_alloc. Netlink has this pattern in some places if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf) atomic_add(skb->truesize, &sk->sk_rmem_alloc); , which has the

  • CVE-2025-38456Jul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() The "intf" list iterator is an invalid pointer if the correct "intf->intf_num" is not found. Calling atomic_dec(&intf->nr_users) on and in

  • CVE-2025-38419Jul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() When rproc->state = RPROC_DETACHED and rproc_attach() is used to attach to the remote processor, if rproc_handl

  • CVE-2025-38418Jul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc->clean_table after rproc_attach() fails When rproc->state = RPROC_DETACHED is attached to remote processor through rproc_attach(), if rproc_handle_resources() returns failure, th

  • CVE-2025-38408Jul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize `ops` member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work context. Otherwise the pointers

  • CVE-2025-38402Jul 25, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation

  • CVE-2025-38351Jul 19, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX allow

  • CVE-2025-38263Jul 9, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cache_set_flush() 1. LINE#1794 - LINE#1887 is some codes about function of bch_cache_set_alloc(). 2. LINE#2078 - LINE#2142 is some codes about function of register_cache_set().

  • CVE-2025-38255Jul 9, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() While testing null_blk with configfs, echo 0 > poll_queues will trigger following panic: BUG: kernel NULL pointer dereference, address: 000

  • CVE-2025-38234Jul 4, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do

  • CVE-2025-38119Jul 3, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter function can only succeed if UFSHCD_EH_IN_PROGRESS is not set because resuming involves sub

  • CVE-2025-22022Apr 16, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Erro

  • CVE-2024-58090Mar 27, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a warning observed while loop testing kexec jump: Interrupts enabled after irqrouter_resume+0x0/0x50 WARNING: CPU: 0 PID: 560 at

  • CVE-2024-26584Feb 21, 2024
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

Page 17 of 18