rpm package
suse/kernel-livepatch-SLE15-SP6_Update_11&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (202)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21957 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its c | ||
| CVE-2025-21956 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign normalized_pix_clk when color depth = 14 [WHY & HOW] A warning message "WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397 calculate_phy_pix_clks+0xef/0x100 [amdgpu]" occurs because the | ||
| CVE-2025-21953 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup mana struct after debugfs_remove() When on a MANA VM hibernation is triggered, as part of hibernate_snapshot(), mana_gd_suspend() and mana_gd_resume() are called. If during this mana_gd_resum | ||
| CVE-2025-21951 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller | ||
| CVE-2025-21950 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_state", which are then copied t | ||
| CVE-2025-21948 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in input_event(). BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrume | ||
| CVE-2025-21943 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both new_device_store and delete_device_store touch module global resources (e.g. gpio_aggregator_lock). To prevent race conditions with modu | ||
| CVE-2025-21941 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx | ||
| CVE-2025-21937 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference. | ||
| CVE-2025-21936 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference. | ||
| CVE-2025-21935 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. If it fails, put_device() should be called to free the memory and give up the reference initial | ||
| CVE-2025-21934 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. Thus, put_device() should be used rather than kfree(). Add "mport->net = NULL; | ||
| CVE-2025-21931 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 ("hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined) add page poison checks in do_migrate_range in order to m | ||
| CVE-2025-21930 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi] Call | ||
| CVE-2025-21928 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freein | ||
| CVE-2025-21927 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invali | ||
| CVE-2025-21926 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later or | ||
| CVE-2025-21925 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: llc: do not use skb_get() before dev_queue_xmit() syzbot is able to crash hosts [1], using llc and devices not supporting IFF_TX_SKB_SHARING. In this case, e1000 driver calls eth_skb_pad(), while the skb is sh | ||
| CVE-2025-21924 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error During the initialization of ptp, hclge_ptp_get_cycle might return an error and returned directly without unregiste | ||
| CVE-2025-21923 | — | < 1-150600.13.3.1 | 1-150600.13.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the client_hdev used for intercepting hidraw access. This can lead to scheduling deferred work to rea |
- CVE-2025-21957Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its c
- CVE-2025-21956Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign normalized_pix_clk when color depth = 14 [WHY & HOW] A warning message "WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397 calculate_phy_pix_clks+0xef/0x100 [amdgpu]" occurs because the
- CVE-2025-21953Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup mana struct after debugfs_remove() When on a MANA VM hibernation is triggered, as part of hibernate_snapshot(), mana_gd_suspend() and mana_gd_resume() are called. If during this mana_gd_resum
- CVE-2025-21951Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller
- CVE-2025-21950Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_state", which are then copied t
- CVE-2025-21948Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in input_event(). BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrume
- CVE-2025-21943Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both new_device_store and delete_device_store touch module global resources (e.g. gpio_aggregator_lock). To prevent race conditions with modu
- CVE-2025-21941Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx
- CVE-2025-21937Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference.
- CVE-2025-21936Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference.
- CVE-2025-21935Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. If it fails, put_device() should be called to free the memory and give up the reference initial
- CVE-2025-21934Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. Thus, put_device() should be used rather than kfree(). Add "mport->net = NULL;
- CVE-2025-21931Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 ("hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined) add page poison checks in do_migrate_range in order to m
- CVE-2025-21930Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi] Call
- CVE-2025-21928Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freein
- CVE-2025-21927Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invali
- CVE-2025-21926Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later or
- CVE-2025-21925Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: llc: do not use skb_get() before dev_queue_xmit() syzbot is able to crash hosts [1], using llc and devices not supporting IFF_TX_SKB_SHARING. In this case, e1000 driver calls eth_skb_pad(), while the skb is sh
- CVE-2025-21924Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error During the initialization of ptp, hclge_ptp_get_cycle might return an error and returned directly without unregiste
- CVE-2025-21923Apr 1, 2025affected < 1-150600.13.3.1fixed 1-150600.13.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the client_hdev used for intercepting hidraw access. This can lead to scheduling deferred work to rea
Page 7 of 11