VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6-RT_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (80)

  • CVE-2025-21647HigJan 19, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters

  • CVE-2025-21640MedJan 19, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency:

  • CVE-2025-21639MedJan 19, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rto_min/max: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: gett

  • CVE-2025-21638MedJan 19, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: auth_enable: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: gett

  • CVE-2025-21637Jan 19, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting

  • CVE-2025-21636Jan 19, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsis

  • CVE-2024-57889Jan 15, 2025
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking If a device uses MCP23xxx IO expander to receive IRQs, the following bug can happen: BUG: sleeping function called from invalid context

  • CVE-2024-56720Dec 29, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. In sk_msg_shift_left, we should put_page 2. if (len == 0), return early is better 3. pop the entire sk_msg (last == msg->sg.

  • CVE-2024-56647MedDec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering ip_rt_bug arp link failure may trigger ip_rt_bug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20 Modules linked in:

  • CVE-2024-56633Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg The current sk memory accounting logic in __SK_REDIRECT is pre-uncharging tosend bytes, which is either msg->sg.size or a smaller value apply_bytes. Po

  • CVE-2024-56605Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o

  • CVE-2024-56579Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led to

  • CVE-2024-56548Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like

  • CVE-2024-56539Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa

  • CVE-2024-53239Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as

  • CVE-2024-53226Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() ib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument. The driver needs to check whether it is a NULL pointer before dereferencing it

  • CVE-2024-53178Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with open_cached_dir open_cached_dir() may either race with the tcon reconnection even before compound_send_recv() or directly trigger a reconnection via SMB2_open_init

  • CVE-2024-53177Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in

  • CVE-2024-53176Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can race with various cached directory operations, which ultimately re

  • CVE-2024-53173Dec 27, 2024
    affected < 1-150600.1.3.2fixed 1-150600.1.3.2

    In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs

Page 3 of 4