VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (281)

  • CVE-2025-38129HigJul 3, 2025
    affected < 14-150600.2.1fixed 14-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of

  • CVE-2025-38111HigJul 3, 2025
    affected < 13-150600.2.1fixed 13-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of

  • CVE-2025-38109HigJul 3, 2025
    affected < 7-150600.2.1fixed 7-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop

  • CVE-2025-38083MedJun 20, 2025
    affected < 5-150600.2.1fixed 5-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU

  • CVE-2025-38079HigJun 18, 2025
    affected < 5-150600.2.1fixed 5-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

  • CVE-2024-58013HigFeb 27, 2025
    affected < 2-150600.2.2fixed 2-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free

  • CVE-2024-57996MedFeb 27, 2025
    affected < 2-150600.2.2fixed 2-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

  • CVE-2025-21682MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp # ip li set dev eth0 xdp of

  • CVE-2025-21680HigJan 31, 2025
    affected < 2-150600.2.2fixed 2-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amount of imix entries leads to invalid access to the pkt_dev->imix_entries array because of the incorrect boundary check. UBSAN: arr

  • CVE-2025-21678MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtp_newlink() links the device to a list in dev_net(dev) instead of src_net, where a udp tunnel socket is created. Even when src_net is removed, the

  • CVE-2025-21676MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: fec: handle page_pool_dev_alloc_pages error The fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did not handle the case when it returned NULL. There was a WARN_ON(!new_page) but it would s

  • CVE-2025-21675MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clear port select structure when fail to create Clear the port select structure on error so no stale values left after definers are destroyed. That's because the mlx5_lag_destroy_definers() always try

  • CVE-2025-21674MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel Attempt to enable IPsec packet offload in tunnel mode in debug kernel generates the following kernel panic, which is happening due to two

  • CVE-2025-21670MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: vsock/bpf: return early if transport is not assigned Some of the core functions can only be called if the transport has been assigned. As Michal reported, a socket might have the transport at NULL, for example

  • CVE-2025-21669MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause iss

  • CVE-2025-21666MedJan 31, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() when a vsock socket has been de-assigned from a transport (see attached links), bu

  • CVE-2025-21664MedJan 21, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: dm thin: make get_first_thin use rcu-safe list first function The documentation in rculist.h explains the absence of list_empty_rcu() and cautions programmers against relying on a list_empty() -> list_first() s

  • CVE-2025-21663MedJan 21, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID) to be written to the MGBE_WRAP_AXI_ASID0_CTRL register. The current driver is

  • CVE-2025-21662MedJan 21, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmd_alloc_index(), fails cmd_work_handler() needs to complete ent->slotted before returning early. Otherwise the task which issued the comma

  • CVE-2025-21656MedJan 21, 2025
    affected < 1-150600.13.3.2fixed 1-150600.13.3.2

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur scsi_execute_cmd() function can return both negative (linux codes) and positive (scsi_cmnd result field) error codes. Currently the d

Page 2 of 15