VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (265)

  • CVE-2025-38664Aug 22, 2025
    affected < 10-150600.4.1fixed 10-150600.4.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.

  • CVE-2025-38618Aug 22, 2025
    affected < 10-150600.4.1fixed 10-150600.4.1

    In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac

  • CVE-2025-38617Aug 22, 2025
    affected < 10-150600.4.1fixed 10-150600.4.1

    In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a

  • CVE-2025-38555Aug 19, 2025
    affected < 7-150600.2.2fixed 7-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in composite_dev_cleanup() 1. In func configfs_composite_bind() -> composite_os_desc_req_prepare(): if kmalloc fails, the pointer cdev->os_desc_req will be freed but not set to

  • CVE-2025-38498MedJul 30, 2025
    affected < 7-150600.2.2fixed 7-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

  • CVE-2025-38181Jul 4, 2025
    affected < 7-150600.2.2fixed 7-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_

  • CVE-2025-38177Jul 4, 2025
    affected < 7-150600.2.2fixed 7-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca

  • CVE-2025-38109Jul 3, 2025
    affected < 7-150600.2.2fixed 7-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop

  • CVE-2025-37797May 2, 2025
    affected < 4-150600.2.1fixed 4-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

  • CVE-2025-37752May 1, 2025
    affected < 4-150600.2.1fixed 4-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c

  • CVE-2025-22115Apr 16, 2025
    affected < 3-150600.2.1fixed 3-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat

  • CVE-2025-21772HigFeb 27, 2025
    affected < 3-150600.2.1fixed 3-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede

  • CVE-2025-21702HigFeb 18, 2025
    affected < 4-150600.2.1fixed 4-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one

  • CVE-2025-21678MedJan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtp_newlink() links the device to a list in dev_net(dev) instead of src_net, where a udp tunnel socket is created. Even when src_net is removed, the

  • CVE-2025-21669MedJan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause iss

  • CVE-2025-21666MedJan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() when a vsock socket has been de-assigned from a transport (see attached links), bu

  • CVE-2025-21682Jan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp # ip li set dev eth0 xdp of

  • CVE-2025-21676Jan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: fec: handle page_pool_dev_alloc_pages error The fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did not handle the case when it returned NULL. There was a WARN_ON(!new_page) but it would s

  • CVE-2025-21675Jan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clear port select structure when fail to create Clear the port select structure on error so no stale values left after definers are destroyed. That's because the mlx5_lag_destroy_definers() always try

  • CVE-2025-21674Jan 31, 2025
    affected < 1-150600.1.3.1fixed 1-150600.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel Attempt to enable IPsec packet offload in tunnel mode in debug kernel generates the following kernel panic, which is happening due to two

Page 1 of 14