rpm package
suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (239)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21761 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF. | |
| CVE-2025-21760 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF. | |
| CVE-2025-21756 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un | |
| CVE-2025-21753 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a | |
| CVE-2025-21745 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exi | |
| CVE-2025-21744 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the int | |
| CVE-2025-21739 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devm_blk_crypto_profile_init() registers a cleanup handler to run when the associated (platform-) device is being released. For UFS, the crypto | |
| CVE-2025-21735 | Hig | 7.8 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, nci_hci_connect_gate( | |
| CVE-2024-58020 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure | |
| CVE-2024-58017 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before perfor | |
| CVE-2024-58014 | Hig | 7.1 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access. | |
| CVE-2024-58009 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is called from l2cap_sock_new_connection_cb() and the error handling paths should als | |
| CVE-2024-58005 | Med | 5.5 | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0) [ 10.848132][ T1] -------- | |
| CVE-2025-21794 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() Syzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from hid-thrustmaster driver. This array is passed to usb_ | ||
| CVE-2025-21793 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: sn-f-ospi: Fix division by zero When there is no dummy cycle in the spi-nor commands, both dummy bus cycle bytes and width are zero. Because of the cpu's warning when divided by zero, the warning should be | ||
| CVE-2025-21791 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou | ||
| CVE-2025-21785 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate | ||
| CVE-2025-21784 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() In function psp_init_cap_microcode(), it should bail out when failed to load firmware, otherwise it may cause invalid memory access. | ||
| CVE-2025-21782 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write... several people suggested fixes, I tested Al Viro's suggestion and made this patch. | ||
| CVE-2025-21781 | — | < 1-150600.13.5.1 | 1-150600.13.5.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix panic during interface removal Reference counting is used to ensure that batadv_hardif_neigh_node and batadv_hard_iface are not freed before/during batadv_v_elp_throughput_metric_update work is |
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exi
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the int
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devm_blk_crypto_profile_init() registers a cleanup handler to run when the associated (platform-) device is being released. For UFS, the crypto
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, nci_hci_connect_gate(
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before perfor
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is called from l2cap_sock_new_connection_cb() and the error handling paths should als
- affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0) [ 10.848132][ T1] --------
- CVE-2025-21794Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() Syzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from hid-thrustmaster driver. This array is passed to usb_
- CVE-2025-21793Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: spi: sn-f-ospi: Fix division by zero When there is no dummy cycle in the spi-nor commands, both dummy bus cycle bytes and width are zero. Because of the cpu's warning when divided by zero, the warning should be
- CVE-2025-21791Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou
- CVE-2025-21785Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate
- CVE-2025-21784Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() In function psp_init_cap_microcode(), it should bail out when failed to load firmware, otherwise it may cause invalid memory access.
- CVE-2025-21782Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write... several people suggested fixes, I tested Al Viro's suggestion and made this patch.
- CVE-2025-21781Feb 27, 2025affected < 1-150600.13.5.1fixed 1-150600.13.5.1
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix panic during interface removal Reference counting is used to ensure that batadv_hardif_neigh_node and batadv_hard_iface are not freed before/during batadv_v_elp_throughput_metric_update work is
Page 7 of 12