VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (356)

  • CVE-2025-39693MedSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid a NULL pointer dereference [WHY] Although unlikely drm_atomic_get_new_connector_state() or drm_atomic_get_old_connector_state() can return NULL. [HOW] Check returns before dereference.

  • CVE-2025-39691HigSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bh_read() helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0

  • CVE-2025-39686HigSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: Make insn_rw_emulate_bits() do insn->n samples The `insn_rw_emulate_bits()` function is used as a default handler for `INSN_READ` instructions for subdevices that have a handler for `INSN_BITS` but not

  • CVE-2025-39685HigSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: pcl726: Prevent invalid irq number The reproducer passed in an irq number(0x80008000) that was too large, which triggered the oob. Added an interrupt number check to prevent users from passing in an ir

  • CVE-2025-39684MedSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() syzbot reports a KMSAN kernel-infoleak in `do_insn_ioctl()`. A kernel buffer is allocated to hold `insn->n` samples (each of w

  • CVE-2025-39682HigSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must process either - only contiguous DATA records (any number of them) - one non-DATA record If the next record has different type

  • CVE-2025-39681MedSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU in

  • CVE-2025-39675MedSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() The function mod_hdcp_hdcp1_create_session() calls the function get_first_active_display(), but does not check its return value. The re

  • CVE-2025-38736HigSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits (0-31). Without this

  • CVE-2025-38735MedSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: gve: prevent ethtool ops after shutdown A crash can occur if an ethtool operation is invoked after shutdown() is called. shutdown() is invoked during system shutdown to stop DMA operations without performing e

  • CVE-2025-38732MedSep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject: don't leak dst refcount for loopback packets recent patches to add a WARN() when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include

  • CVE-2025-39726Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: s390/ism: fix concurrency management in ism_cmd() The s390x ISM device data sheet clearly states that only one request-response sequence is allowable per ISM function at any point in time. Unfortunately as of

  • CVE-2025-39721Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat_4xxx, in a tight loop can lead to a crash due to a use-after-free scenar

  • CVE-2025-39705Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(). When display control c

  • CVE-2025-39679Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). When the nvif_vmm_type is invalid, we will return error directly without freeing the args in nvif_vmm_ctor(), which leading a memory leak. Fix it

  • CVE-2025-39678Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add a check.

  • CVE-2025-39677Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal This issue applies for the following qdiscs: hhf, fq, fq_codel, and fq_pie, and occurs in their change handlers when adjusting to the new limit. The p

  • CVE-2025-38734Sep 5, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix UAF on smcsk after smc_listen_out() BPF CI testing report a UAF issue: [ 16.446633] BUG: kernel NULL pointer dereference, address: 000000000000003 0 [ 16.447134] #PF: supervisor read acce

  • CVE-2025-38729HigSep 4, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too.

  • CVE-2025-38727MedSep 4, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the ju

Page 14 of 18