VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_12&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (207)

  • CVE-2025-37948May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program

  • CVE-2025-37944May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Currently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry to fetch the next entry from the destination ring. This is incor

  • CVE-2025-37943May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi

  • CVE-2025-37937May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result is a divide-by-zero. Prevent that from happening. Fixes the follow

  • CVE-2025-37932May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t

  • CVE-2025-37930May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveau_fence_signal(). However, in at least one other

  • CVE-2025-37929May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays Commit a5951389e58d ("arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists") added some additional CPUs to the Spectre-BHB

  • CVE-2025-37928May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet are enabled. [ 129.444685][ T934] BUG: sleeping function called from invalid con

  • CVE-2025-37918May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() A NULL pointer dereference can occur in skb_dequeue() when processing a QCA firmware crash dump on WCN7851 (0489:e0f3). [ 93.672166] Bluetooth:

  • CVE-2025-37915May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant

  • CVE-2025-37914May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant

  • CVE-2025-37913May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant

  • CVE-2025-37912May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() As mentioned in the commit baeb705fd6a7 ("ice: always check VF VSI pointer values"), we need to perform a null pointer check on the return value of ice_

  • CVE-2025-37911May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix out-of-bound memcpy() during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [

  • CVE-2025-37905May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Balance device refcount when destroying devices Using device_find_child() to lookup the proper SCMI device to destroy causes an unbalance in device refcount, since device_find_child() calls

  • CVE-2025-37903May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector objects without incrementing the kref reference counts. When using a USB-C dock, and the

  • CVE-2025-37901May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs On Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not have a corresponding MPM pin and should not be handled inside the M

  • CVE-2025-37900May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommu_copy_struct_from_user() In the review for iommu_copy_struct_to_user() helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it: https://lore.kerne

  • CVE-2025-37897May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release plfxlc_mac_release() asserts that mac->lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour

  • CVE-2025-37892May 20, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftl_read_oob() In INFTL_findwriteunit(), the return value of inftl_read_oob() need to be checked. A proper implementation can be found in INFTL_deleteblock(). The status wi

Page 4 of 11