rpm package

suse/kernel-livepatch-SLE15-SP6_Update_13&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (141)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-37921		—	< 1-150600.13.6.4	1-150600.13.6.4	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote (assuming one was configured) is dele
CVE-2025-37917		—	< 1-150600.13.6.4	1-150600.13.6.4	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver to avoid spinlock recursio
CVE-2025-37909		—	< 1-150600.13.6.4	1-150600.13.6.4	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to
CVE-2025-37884		—	< 1-150600.13.6.4	1-150600.13.6.4	May 9, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize
CVE-2025-37874		—	< 1-150600.13.6.4	1-150600.13.6.4	May 9, 2025	In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after
CVE-2025-37865		—	< 1-150600.13.6.4	1-150600.13.6.4	May 9, 2025	In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT: https://lore.kernel.org/ne
CVE-2025-37862		—	< 1-150600.13.6.4	1-150600.13.6.4	May 9, 2025	In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optio
CVE-2025-37859		—	< 1-150600.13.6.4	1-150600.13.6.4	May 9, 2025	In the Linux kernel, the following vulnerability has been resolved: page_pool: avoid infinite loop to schedule delayed worker We noticed the kworker in page_pool_release_retry() was waken up repeatedly and infinitely in production because of the buggy driver causing the infligh
CVE-2025-37844		—	< 1-150600.13.6.4	1-150600.13.6.4	May 9, 2025	In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting
CVE-2025-37811		—	< 1-150600.13.6.4	1-150600.13.6.4	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the
CVE-2025-37801		—	< 1-150600.13.6.4	1-150600.13.6.4	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spi_imx_setupxfer() Add check for the return value of spi_imx_setupxfer(). spi_imx->rx and spi_imx->tx function pointer can be NULL when spi_imx_setupxfer() return error, and make NU
CVE-2025-37800		—	< 1-150600.13.6.4	1-150600.13.6.4	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential NULL pointer dereference in dev_uevent() If userspace reads "uevent" device attribute at the same time as another threads unbinds the device from its driver, change to dev->driver fro
CVE-2025-37756	Med	5.5	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us
CVE-2025-37786		—	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe failure If complete = true in dsa_tree_setup(), it means that we are the last switch of the tree which is successfully probing, and we should be setting up all switches fro
CVE-2025-37757		—	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to memory le
CVE-2025-37752		—	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
CVE-2025-37743		—	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid memory leak while enabling statistics Driver uses monitor destination rings for extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the bu
CVE-2025-37738		—	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================
CVE-2025-23155		—	< 1-150600.13.6.4	1-150600.13.6.4	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hi
CVE-2025-22083	Hig	7.8	< 1-150600.13.6.4	1-150600.13.6.4	Apr 16, 2025	In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint If vhost_scsi_set_endpoint is called multiple times without a vhost_scsi_clear_endpoint between them, we can hit multiple bugs found by Haor

CVE-2025-37921May 20, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote (assuming one was configured) is dele
CVE-2025-37917May 20, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver to avoid spinlock recursio
CVE-2025-37909May 20, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to
CVE-2025-37884May 9, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize
CVE-2025-37874May 9, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after
CVE-2025-37865May 9, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT: https://lore.kernel.org/ne
CVE-2025-37862May 9, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optio
CVE-2025-37859May 9, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: page_pool: avoid infinite loop to schedule delayed worker We noticed the kworker in page_pool_release_retry() was waken up repeatedly and infinitely in production because of the buggy driver causing the infligh
CVE-2025-37844May 9, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting
CVE-2025-37811May 8, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the
CVE-2025-37801May 8, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spi_imx_setupxfer() Add check for the return value of spi_imx_setupxfer(). spi_imx->rx and spi_imx->tx function pointer can be NULL when spi_imx_setupxfer() return error, and make NU
CVE-2025-37800May 8, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential NULL pointer dereference in dev_uevent() If userspace reads "uevent" device attribute at the same time as another threads unbinds the device from its driver, change to dev->driver fro
CVE-2025-37756MedMay 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us
CVE-2025-37786May 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe failure If complete = true in dsa_tree_setup(), it means that we are the last switch of the tree which is successfully probing, and we should be setting up all switches fro
CVE-2025-37757May 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to memory le
CVE-2025-37752May 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
CVE-2025-37743May 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid memory leak while enabling statistics Driver uses monitor destination rings for extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the bu
CVE-2025-37738May 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================
CVE-2025-23155May 1, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hi
CVE-2025-22083HigApr 16, 2025
affected < 1-150600.13.6.4fixed 1-150600.13.6.4
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint If vhost_scsi_set_endpoint is called multiple times without a vhost_scsi_clear_endpoint between them, we can hit multiple bugs found by Haor

Page 6 of 8