rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_17&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (190)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-39683 | Hig | 7.1 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser->buffer when trace_get_user failed When the length of the string written to set_ftrace_filter exceeds FTRACE_BUFF_MAX, the following KASAN alarm will be triggered: BUG: KASAN: s | |
| CVE-2025-39676 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error point | |
| CVE-2025-39673 | Med | 4.7 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in ppp_fill_forward_path ppp_fill_forward_path() has two race conditions: 1. The ppp->channels list can change between list_empty() and list_first_entry(), as ppp_lock() is not held | |
| CVE-2025-38700 | Med | 5.5 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated In case of an ib_fast_reg_mr allocation failure during iSER setup, the machine hits a panic because iscsi_conn->dd_data is initialized | |
| CVE-2025-38699 | Hig | 7.8 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfad_im_probe() function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL. Subsequently, during driver uninstallation | |
| CVE-2025-38718 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uniniti | ||
| CVE-2025-38653 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may cause UAF in rmmod scenario. It's a gap in proc_reg_open() after commit 654b33ada4 | ||
| CVE-2025-38552 | Hig | 7.8 | < 1-150600.1.3.1 | 1-150600.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trig | |
| CVE-2025-38539 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum | ||
| CVE-2025-38008 | — | < 1-150600.1.3.1 | 1-150600.1.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: fix race condition in unaccepted memory handling The page allocator tracks the number of zones that have unaccepted memory using static_branch_enc/dec() and uses that static branch in hot paths t |
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser->buffer when trace_get_user failed When the length of the string written to set_ftrace_filter exceeds FTRACE_BUFF_MAX, the following KASAN alarm will be triggered: BUG: KASAN: s
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error point
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in ppp_fill_forward_path ppp_fill_forward_path() has two race conditions: 1. The ppp->channels list can change between list_empty() and list_first_entry(), as ppp_lock() is not held
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated In case of an ib_fast_reg_mr allocation failure during iSER setup, the machine hits a panic because iscsi_conn->dd_data is initialized
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfad_im_probe() function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL. Subsequently, during driver uninstallation
- CVE-2025-38718Sep 4, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot reported two use-of-uniniti
- CVE-2025-38653Aug 22, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may cause UAF in rmmod scenario. It's a gap in proc_reg_open() after commit 654b33ada4
- affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trig
- CVE-2025-38539Aug 16, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum
- CVE-2025-38008Jun 18, 2025affected < 1-150600.1.3.1fixed 1-150600.1.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: fix race condition in unaccepted memory handling The page allocator tracks the number of zones that have unaccepted memory using static_branch_enc/dec() and uses that static branch in hot paths t
Page 10 of 10