rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (80)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38616 | — | < 11-150600.2.1 | 11-150600.2.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i | ||
| CVE-2025-38500 | — | < 11-150600.2.1 | 11-150600.2.1 | Aug 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in | ||
| CVE-2025-38477 | Med | 4.7 | < 8-150600.2.1 | 8-150600.2.1 | Jul 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, q | |
| CVE-2025-38089 | — | < 8-150600.2.1 | 8-150600.2.1 | Jun 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC rep | ||
| CVE-2025-23145 | — | < 11-150600.2.1 | 11-150600.2.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a | ||
| CVE-2025-22115 | — | < 3-150600.2.1 | 3-150600.2.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat | ||
| CVE-2025-21802 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem | ||
| CVE-2025-21799 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() When getting the IRQ we use k3_udma_glue_tx_get_irq() which returns negative error value on error. So not NULL check is not suffi | ||
| CVE-2025-21795 | Med | 5.5 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang la | |
| CVE-2025-21772 | Hig | 7.8 | < 3-150600.2.1 | 3-150600.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede | |
| CVE-2025-21767 | Med | 5.5 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel | |
| CVE-2025-21791 | — | < 8-150600.2.1 | 8-150600.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou | ||
| CVE-2025-21790 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlan_vnigroup_init() return value vxlan_init() must check vxlan_vnigroup_init() success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canoni | ||
| CVE-2025-21728 | Med | 5.5 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues | |
| CVE-2025-21724 | Hig | 7.8 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant "1" (of type int) by bitmap-> | |
| CVE-2025-21719 | Hig | 7.1 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif alias to "struct sk_buff_ | |
| CVE-2024-57996 | Med | 5.5 | < 2-150600.2.1 | 2-150600.2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe | |
| CVE-2024-57994 | Med | 5.5 | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() Jakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page() to increase test coverage. syzbot found a splat caused by hard irq | |
| CVE-2025-21725 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below | ||
| CVE-2025-21716 | — | < 1-150600.1.3.2 | 1-150600.1.3.2 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlan_vnifilter_dump() KMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1]. If the length of the netlink message payload is less than sizeof(struct tunnel_msg), vxlan |
- CVE-2025-38616Aug 22, 2025affected < 11-150600.2.1fixed 11-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i
- CVE-2025-38500Aug 12, 2025affected < 11-150600.2.1fixed 11-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in
- affected < 8-150600.2.1fixed 8-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, q
- CVE-2025-38089Jun 30, 2025affected < 8-150600.2.1fixed 8-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC rep
- CVE-2025-23145May 1, 2025affected < 11-150600.2.1fixed 11-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a
- CVE-2025-22115Apr 16, 2025affected < 3-150600.2.1fixed 3-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocat
- CVE-2025-21802Feb 27, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem
- CVE-2025-21799Feb 27, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() When getting the IRQ we use k3_udma_glue_tx_get_irq() which returns negative error value on error. So not NULL check is not suffi
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang la
- affected < 3-150600.2.1fixed 3-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel
- CVE-2025-21791Feb 27, 2025affected < 8-150600.2.1fixed 8-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou
- CVE-2025-21790Feb 27, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlan_vnigroup_init() return value vxlan_init() must check vxlan_vnigroup_init() success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canoni
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant "1" (of type int) by bitmap->
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif alias to "struct sk_buff_
- affected < 2-150600.2.1fixed 2-150600.2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe
- affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() Jakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page() to increase test coverage. syzbot found a splat caused by hard irq
- CVE-2025-21725Feb 27, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below
- CVE-2025-21716Feb 27, 2025affected < 1-150600.1.3.2fixed 1-150600.1.3.2
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlan_vnifilter_dump() KMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1]. If the length of the netlink message payload is less than sizeof(struct tunnel_msg), vxlan
Page 1 of 4