rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (344)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-39845 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() Define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure page tables are properly synchronized when calling p*d_popu | |
| CVE-2025-39844 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent me | |
| CVE-2025-39842 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. There | |
| CVE-2025-39839 | Hig | 7.1 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload head | |
| CVE-2025-39838 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it unchecked to cifs_strndup_to_u | |
| CVE-2025-39863 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work The brcmf_btcoex_detach() only shuts down the btcoex timer, if the flag timer_on is false. However, the brcmf_btcoex_timerfunc(), whic | ||
| CVE-2025-39861 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhci_release(), before associa | ||
| CVE-2025-39854 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ll_ts_intr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low | ||
| CVE-2025-39850 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is abl | ||
| CVE-2023-53424 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix of_iomap memory leak Smatch reports: drivers/clk/mediatek/clk-mtk.c:583 mtk_clk_simple_probe() warn: 'base' from of_iomap() not released on lines: 496. This problem was also found in lin | |
| CVE-2023-53421 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq structure with the associated blkg_iostat_set's, there are 2 fields within blkg_iostat | |
| CVE-2023-53447 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] PREEMPT SMP KASAN RIP: 001 | ||
| CVE-2023-53446 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci_dev of function 0. Previously we retained that pointer when removing function 0 | ||
| CVE-2023-53444 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thus moving it to the tail) will corrupt the list since the first pointer is not mov | ||
| CVE-2023-53442 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ i | ||
| CVE-2023-53441 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 (size 192): comm "syz-executor.3", pid 17672, jiffies | ||
| CVE-2023-53438 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current AMD Zen-based systems do not guarantee a synchronous #MC is delivered for poison consumption errors. Ther | ||
| CVE-2023-53436 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to | ||
| CVE-2023-53432 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: firewire: net: fix use after free in fwnet_finish_incoming_packet() The netif_rx() function frees the skb so we can't dereference it to save the skb->len. | ||
| CVE-2023-53429 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in __extent_writepage __extent_writepage currenly sets PageError whenever any error happens, and the also checks for PageError to decide if to call error handling. This leads to ver |
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() Define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure page tables are properly synchronized when calling p*d_popu
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent me
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. There
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload head
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it unchecked to cifs_strndup_to_u
- CVE-2025-39863Sep 19, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work The brcmf_btcoex_detach() only shuts down the btcoex timer, if the flag timer_on is false. However, the brcmf_btcoex_timerfunc(), whic
- CVE-2025-39861Sep 19, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhci_release(), before associa
- CVE-2025-39854Sep 19, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ll_ts_intr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low
- CVE-2025-39850Sep 19, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is abl
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix of_iomap memory leak Smatch reports: drivers/clk/mediatek/clk-mtk.c:583 mtk_clk_simple_probe() warn: 'base' from of_iomap() not released on lines: 496. This problem was also found in lin
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq structure with the associated blkg_iostat_set's, there are 2 fields within blkg_iostat
- CVE-2023-53447Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] PREEMPT SMP KASAN RIP: 001
- CVE-2023-53446Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci_dev of function 0. Previously we retained that pointer when removing function 0
- CVE-2023-53444Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thus moving it to the tail) will corrupt the list since the first pointer is not mov
- CVE-2023-53442Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ i
- CVE-2023-53441Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 (size 192): comm "syz-executor.3", pid 17672, jiffies
- CVE-2023-53438Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current AMD Zen-based systems do not guarantee a synchronous #MC is delivered for poison consumption errors. Ther
- CVE-2023-53436Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to
- CVE-2023-53432Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: firewire: net: fix use after free in fwnet_finish_incoming_packet() The netif_rx() function frees the skb so we can't dereference it to save the skb->len.
- CVE-2023-53429Sep 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in __extent_writepage __extent_writepage currenly sets PageError whenever any error happens, and the also checks for PageError to decide if to call error handling. This leads to ver
Page 4 of 18