VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_14&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (264)

  • CVE-2025-38064Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on device_shutdown() Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region '(n

  • CVE-2025-38062Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie The IOMMU translation for MSI message addresses has been a 2-step process, separated in time: 1) iommu_dma_prepare_msi(): A cookie

  • CVE-2025-38061Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() Honour the user given buffer size for the strn_len() calls (otherwise strn_len() will access memory outside of the user given buffer

  • CVE-2025-38052Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG:

  • CVE-2025-38051Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warni

  • CVE-2025-38035Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null sk_state_change queue->state_change is set as part of nvmet_tcp_set_queue_sock(), but if the TCP connection isn't established when nvmet_tcp_set_queue_sock() is called then queue->

  • CVE-2025-38034Jun 18, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref btrfs_prelim_ref() calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref i

  • CVE-2025-37984May 20, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Herbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa implementation's ->key_size() callback returns an unusually large valu

  • CVE-2025-37920May 20, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AF_XDP generic RX path Move rx_lock from xsk_socket to xsk_buff_pool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xsk_buff_pool. R

  • CVE-2025-37864MedMay 9, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d ("net: dsa: delete dsa_legacy_fdb_add and dsa_legacy_fdb_del"), DSA is written given the assumption th

  • CVE-2025-37885May 9, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardle

  • CVE-2025-37856May 9, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: btrfs: harden block_group::bg_list against list_del() races As far as I can tell, these calls of list_del_init() on bg_list cannot run concurrently with btrfs_mark_bg_unused() or btrfs_mark_bg_to_reclaim(), as

  • CVE-2025-37798May 2, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdi

  • CVE-2025-23163May 1, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================ [ 1.211571] WARNING: possible re

  • CVE-2025-22090Apr 16, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the maple tree. As fork() fails, we'll cleanup the maple tree, and stumble over

  • CVE-2025-21872Mar 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we (re)map the entire table on each iteration of the loop, adding space as we discover new entries. If t

  • CVE-2025-21854Mar 12, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsock_proto::psock_update_sk_prot(). However, there is an edge case wh

  • CVE-2025-21839Mar 7, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load

  • CVE-2024-57947Jan 23, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea

  • CVE-2024-56742Dec 29, 2024
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed t

Page 13 of 14