VYPR

rpm package

suse/kernel-livepatch-SLE15-SP6_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP6

pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6

Vulnerabilities (110)

  • CVE-2025-21724HigFeb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant "1" (of type int) by bitmap->

  • CVE-2025-21719HigFeb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif alias to "struct sk_buff_

  • CVE-2024-57996MedFeb 27, 2025
    affected < 2-150600.2.2fixed 2-150600.2.2

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

  • CVE-2024-57994MedFeb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() Jakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page() to increase test coverage. syzbot found a splat caused by hard irq

  • CVE-2025-21725Feb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below

  • CVE-2025-21716Feb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlan_vnifilter_dump() KMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1]. If the length of the netlink message payload is less than sizeof(struct tunnel_msg), vxlan

  • CVE-2025-21715Feb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot be used after free_netdev() call. Using dm after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of

  • CVE-2025-21705Feb 27, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: mptcp: handle fastopen disconnect correctly Syzbot was able to trigger a data stream corruption: WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024

  • CVE-2025-21702HigFeb 18, 2025
    affected < 4-150600.2.1fixed 4-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one

  • CVE-2025-21701MedFeb 13, 2025
    affected < 6-150600.2.1fixed 6-150600.2.1

    In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic

  • CVE-2025-21700Feb 13, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc

  • CVE-2025-21699Feb 12, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag: depending on that flag, the pages in the address space will either use buf

  • CVE-2025-21697Feb 12, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure job pointer is set to NULL after job completion After a job completes, the corresponding pointer in the device must be set to NULL. Failing to do so triggers a warning when unloading the driver,

  • CVE-2025-21692HigFeb 10, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. The overflow may cause lo

  • CVE-2025-21690Feb 10, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preve

  • CVE-2025-21689Feb 10, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-ptr-deref in qt2_process_read_urb() due to an incorrect bounds check in the following: if (newport > seria

  • CVE-2025-21688Feb 10, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign job pointer to NULL before signaling the fence In commit e4b5ccd392b9 ("drm/v3d: Ensure job pointer is set to NULL after job completion"), we introduced a change to assign the job pointer to NUL

  • CVE-2025-21687Feb 10, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device.

  • CVE-2025-21684Feb 9, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpio_lock to raw spinlock irq_chip functions may be called in raw spinlock context. Therefore, we must also use a raw spinlock for our own internal locking. This fixes the following lockd

  • CVE-2023-52925Feb 5, 2025
    affected < 1-150600.13.3.4fixed 1-150600.13.3.4

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't fail inserts if duplicate has expired nftables selftests fail: run-tests.sh testcases/sets/0044interval_overlap_0 Expected: 0-2 . 0-3, got: W: [FAILED] ./testcases/sets/0044inter

Page 3 of 6