VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (356)

  • CVE-2025-39871Sep 23, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxd_free The call to idxd_free() introduces a duplicate put_device() leading to a reference count underflow: refcount_t: underflow; use-after-free. WARNING: CPU: 15 PID: 4428 a

  • CVE-2025-39870Sep 23, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxd_setup_wqs() The clean up in idxd_setup_wqs() has had a couple bugs because the error handling is a bit subtle. It's simpler to just re-write it in a cleaner way. The i

  • CVE-2025-39869Sep 23, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Fix a critical memory allocation bug in edma_setup_from_hw() where queue_priority_map was allocated with insufficient memory. The code decl

  • CVE-2025-39865MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in tee_shm_put tee_shm_put have NULL pointer dereference: __optee_disable_shm_cache --> shm = reg_pair_to_ptr(...);//shm maybe return NULL tee_shm_free(shm); --> te

  • CVE-2025-39864HigSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the las

  • CVE-2025-39860HigSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() syzbot reported the splat below without a repro. In the splat, a single thread calling bt_accept_dequeue() freed sk and touched it after that. The

  • CVE-2025-39857MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() BUG: kernel NULL pointer dereference, address: 00000000000002ec PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kwor

  • CVE-2025-39853HigSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty list_first_entry() never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory acces

  • CVE-2025-39849HigSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking.

  • CVE-2025-39848MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25_kiss_rcv() Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d ("net: introduce per netns packet chains"). skb->dev becomes NULL and we crash in __

  • CVE-2025-39847MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ppp: fix memory leak in pad_compress_skb If alloc_skb() fails in pad_compress_skb(), it returns NULL without releasing the old skb. The caller does: skb = pad_compress_skb(ppp, skb); if (!skb)

  • CVE-2025-39846MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to res and used in pci_bus_alloc_resource(). There is a dereference of res in p

  • CVE-2025-39845MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() Define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure page tables are properly synchronized when calling p*d_popu

  • CVE-2025-39844MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent me

  • CVE-2025-39842MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. There

  • CVE-2025-39839HigSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload head

  • CVE-2025-39838MedSep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it unchecked to cifs_strndup_to_u

  • CVE-2025-39863Sep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work The brcmf_btcoex_detach() only shuts down the btcoex timer, if the flag timer_on is false. However, the brcmf_btcoex_timerfunc(), whic

  • CVE-2025-39861Sep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhci_release(), before associa

  • CVE-2025-39854Sep 19, 2025
    affected < 1-150600.13.3.1fixed 1-150600.13.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ll_ts_intr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low

Page 4 of 18