rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (161)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2026-23209	Hig	7.8	< 13-150700.2.1	13-150700.2.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l
CVE-2026-23111	Hig	7.8	< 13-150700.2.1	13-150700.2.1	Feb 13, 2026	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()
CVE-2026-23074	Hig	7.8	< 13-150700.2.1	13-150700.2.1	Feb 4, 2026	In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc
CVE-2026-22999	Hig	7.8	< 13-150700.2.1	13-150700.2.1	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.
CVE-2025-71120		—	< 13-150700.2.1	13-150700.2.1	Jan 14, 2026	In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres
CVE-2025-68813		—	< 12-150700.2.1	12-150700.2.1	Jan 13, 2026	In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL pointer dereference in fib_compute_spec_
CVE-2025-71085		—	< 12-150700.2.1	12-150700.2.1	Jan 13, 2026	In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t
CVE-2025-68285		—	< 12-150700.2.1	12-150700.2.1	Dec 16, 2025	In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both
CVE-2025-68284		—	< 12-150700.2.1	12-150700.2.1	Dec 16, 2025	In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes wh
CVE-2025-40297		—	< 12-150700.2.1	12-150700.2.1	Dec 8, 2025	In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported[1] a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being del
CVE-2025-40284		—	< 12-150700.2.1	12-150700.2.1	Dec 6, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: cancel mesh send timer when hdev removed mesh_send_done timer is not canceled when hdev is removed, which causes crash if the timer triggers after hdev is gone. Cancel the timer when MGMT remo
CVE-2025-40258		—	< 12-150700.2.1	12-150700.2.1	Dec 4, 2025	In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcp_schedule_work() syzbot reported use-after-free in mptcp_schedule_work() [1] Issue here is that mptcp_schedule_work() schedules a work, then gets a refcount on sk->sk_refcnt i
CVE-2025-40204		—	< 9-150700.2.1	9-150700.2.1	Nov 12, 2025	In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
CVE-2025-40186		—	< 10-150700.2.1	10-150700.2.1	Nov 12, 2025	In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). syzbot reported the splat below in tcp_conn_request(). [0] If a listener is close()d while a TFO socket is being processed in tcp_conn_request(),
CVE-2025-40159		—	< 13-150700.2.1	13-150700.2.1	Nov 12, 2025	In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly invalid values passed in xdp_desc from userspace can pass xp_{,un}aligned_validate_desc() and then lead to UBs or just invalid frame
CVE-2025-40129		—	< 10-150700.2.1	10-150700.2.1	Nov 12, 2025	In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix null pointer dereference on zero-length checksum In xdr_stream_decode_opaque_auth(), zero-length checksum.len causes checksum.data to be set to NULL. This triggers a NPD when accessing checksum.data
CVE-2025-40018		—	< 13-150700.2.1	13-150700.2.1	Oct 24, 2025	In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr
CVE-2025-39973		—	< 13-150700.2.1	13-150700.2.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu
CVE-2023-53676		—	< 9-150700.2.1	9-150700.2.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checkin
CVE-2025-39742	Med	5.5	< 10-150700.2.1	10-150700.2.1	Sep 11, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divi

CVE-2026-23209HigFeb 14, 2026
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l
CVE-2026-23111HigFeb 13, 2026
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()
CVE-2026-23074HigFeb 4, 2026
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc
CVE-2026-22999HigJan 25, 2026
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.
CVE-2025-71120Jan 14, 2026
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres
CVE-2025-68813Jan 13, 2026
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL pointer dereference in fib_compute_spec_
CVE-2025-71085Jan 13, 2026
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t
CVE-2025-68285Dec 16, 2025
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both
CVE-2025-68284Dec 16, 2025
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes wh
CVE-2025-40297Dec 8, 2025
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported[1] a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being del
CVE-2025-40284Dec 6, 2025
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: cancel mesh send timer when hdev removed mesh_send_done timer is not canceled when hdev is removed, which causes crash if the timer triggers after hdev is gone. Cancel the timer when MGMT remo
CVE-2025-40258Dec 4, 2025
affected < 12-150700.2.1fixed 12-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcp_schedule_work() syzbot reported use-after-free in mptcp_schedule_work() [1] Issue here is that mptcp_schedule_work() schedules a work, then gets a refcount on sk->sk_refcnt i
CVE-2025-40204Nov 12, 2025
affected < 9-150700.2.1fixed 9-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
CVE-2025-40186Nov 12, 2025
affected < 10-150700.2.1fixed 10-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). syzbot reported the splat below in tcp_conn_request(). [0] If a listener is close()d while a TFO socket is being processed in tcp_conn_request(),
CVE-2025-40159Nov 12, 2025
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly invalid values passed in xdp_desc from userspace can pass xp_{,un}aligned_validate_desc() and then lead to UBs or just invalid frame
CVE-2025-40129Nov 12, 2025
affected < 10-150700.2.1fixed 10-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix null pointer dereference on zero-length checksum In xdr_stream_decode_opaque_auth(), zero-length checksum.len causes checksum.data to be set to NULL. This triggers a NPD when accessing checksum.data
CVE-2025-40018Oct 24, 2025
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr
CVE-2025-39973Oct 15, 2025
affected < 13-150700.2.1fixed 13-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu
CVE-2023-53676Oct 7, 2025
affected < 9-150700.2.1fixed 9-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checkin
CVE-2025-39742MedSep 11, 2025
affected < 10-150700.2.1fixed 10-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divi

Page 1 of 9