rpm package
suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (239)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-58056 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occurs | ||
| CVE-2024-58055 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command. | ||
| CVE-2024-58054 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: Unable to handle kernel paging request at virtual address 000073757 | ||
| CVE-2024-58052 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom | ||
| CVE-2025-21823 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need t | ||
| CVE-2025-21821 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm | ||
| CVE-2025-21820 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr() | ||
| CVE-2025-21819 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with two edp panel. | ||
| CVE-2025-21815 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in isolate_freepages_block(). The bogus compound_order can be any value because it | ||
| CVE-2025-21810 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() There are a potential wild pointer dereferences issue regarding APIs class_dev_iter_(init|next|exit)(), as explained by below typic | ||
| CVE-2025-21804 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resource. A string variable th | ||
| CVE-2024-58034 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_by_ram_code() releases som | ||
| CVE-2025-21796 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the | |
| CVE-2025-21776 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen | |
| CVE-2025-21772 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede | |
| CVE-2025-21766 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear. | |
| CVE-2025-21765 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear. | |
| CVE-2025-21764 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF. | |
| CVE-2025-21763 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. | |
| CVE-2025-21762 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. |
- CVE-2024-58056Mar 6, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occurs
- CVE-2024-58055Mar 6, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command.
- CVE-2024-58054Mar 6, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: Unable to handle kernel paging request at virtual address 000073757
- CVE-2024-58052Mar 6, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom
- CVE-2025-21823Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need t
- CVE-2025-21821Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm
- CVE-2025-21820Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr()
- CVE-2025-21819Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with two edp panel.
- CVE-2025-21815Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in isolate_freepages_block(). The bogus compound_order can be any value because it
- CVE-2025-21810Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() There are a potential wild pointer dereferences issue regarding APIs class_dev_iter_(init|next|exit)(), as explained by below typic
- CVE-2025-21804Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resource. A string variable th
- CVE-2024-58034Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_by_ram_code() releases som
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
Page 6 of 12