VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_12&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (213)

  • CVE-2025-37815MedMay 8, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing

  • CVE-2025-37812MedMay 8, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 ("usb: cdnsp: Fix deadlock issue during using NCM gadget"). Under PREEMPT_RT t

  • CVE-2025-37810HigMay 8, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu

  • CVE-2025-37809MedMay 8, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue.

  • CVE-2025-37805MedMay 8, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancel_sync warnings on uninitialized work_structs Betty reported hitting the following warning: [ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... [ 8.713282][

  • CVE-2025-37803HigMay 8, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

  • CVE-2024-58237MedMay 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: consider that tail calls invalidate packet pointers Tail-called programs could execute any of the helpers that invalidate packet pointers. Hence, conservatively assume that each tail call invalidates packe

  • CVE-2024-58100MedMay 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changes_pkt

  • CVE-2024-58098MedMay 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: track changes_pkt_data property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. For example, consider the following program:

  • CVE-2025-37798HigMay 2, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi

  • CVE-2025-37797HigMay 2, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

  • CVE-2025-37796HigMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use after free access in at76_disconnect The memory pointed to by priv is freed at the end of at76_delete_device function (using ieee80211_free_hw). But the code then accesses the udev field

  • CVE-2025-37794MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211_do_stop() After ieee80211_do_stop() SKB from vif's txq could still be processed. Indeed another concurrent vif schedule_and_wake_txq call could cause those packets to

  • CVE-2025-37793MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, avs_component_probe() does not check for this case, which results in a NULL p

  • CVE-2025-37792MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtl_initialize() function checks that rtl_load_file() either had an error or it loaded a zero length file. However, if it loaded a zero length file th

  • CVE-2025-37790MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup.

  • CVE-2025-37789HigMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.

  • CVE-2025-37788MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path In the for loop used to allocate the loc_array and bmap for each port, a memory leak is possible when the allocation for loc_array succeeds, but

  • CVE-2025-37787MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver: https://lore.kernel

  • CVE-2025-37781MedMay 1, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also b

Page 7 of 11