VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (167)

  • CVE-2025-40159Nov 12, 2025
    affected < 13-150700.2.1fixed 13-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly invalid values passed in xdp_desc from userspace can pass xp_{,un}aligned_validate_desc() and then lead to UBs or just invalid frame

  • CVE-2025-40129Nov 12, 2025
    affected < 10-150700.2.1fixed 10-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix null pointer dereference on zero-length checksum In xdr_stream_decode_opaque_auth(), zero-length checksum.len causes checksum.data to be set to NULL. This triggers a NPD when accessing checksum.data

  • CVE-2025-40018Oct 24, 2025
    affected < 13-150700.2.1fixed 13-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr

  • CVE-2025-39973Oct 15, 2025
    affected < 13-150700.2.1fixed 13-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu

  • CVE-2023-53676HigOct 7, 2025
    affected < 9-150700.2.1fixed 9-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checkin

  • CVE-2025-39742MedSep 11, 2025
    affected < 10-150700.2.1fixed 10-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divi

  • CVE-2025-39682HigSep 5, 2025
    affected < 9-150700.2.1fixed 9-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must process either - only contiguous DATA records (any number of them) - one non-DATA record If the next record has different type

  • CVE-2025-38616HigAug 22, 2025
    affected < 8-150700.2.1fixed 8-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i

  • CVE-2025-38608MedAug 19, 2025
    affected < 9-150700.2.1fixed 9-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data len

  • CVE-2025-38588MedAug 19, 2025
    affected < 9-150700.2.1fixed 9-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6_nlmsg_size() While testing prior patch, I was able to trigger an infinite loop in rt6_nlmsg_size() in the following place: list_for_each_entry_rcu(sibling, &f6i->fib6_sibling

  • CVE-2025-38572HigAug 19, 2025
    affected < 9-150700.2.1fixed 9-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6_gso_segment() syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb->transport_header. This 16bit field has a limited rang

  • CVE-2025-38555HigAug 19, 2025
    affected < 4-150700.2.2fixed 4-150700.2.2

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget : fix use-after-free in composite_dev_cleanup() 1. In func configfs_composite_bind() -> composite_os_desc_req_prepare(): if kmalloc fails, the pointer cdev->os_desc_req will be freed but not set to

  • CVE-2025-38500HigAug 12, 2025
    affected < 8-150700.2.1fixed 8-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in

  • CVE-2025-38498MedJul 30, 2025
    affected < 4-150700.2.2fixed 4-150700.2.2

    In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

  • CVE-2025-38495MedJul 28, 2025
    affected < 2-150700.2.1fixed 2-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated b

  • CVE-2025-38494HigJul 28, 2025
    affected < 2-150700.2.1fixed 2-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those

  • CVE-2025-38488HigJul 28, 2025
    affected < 12-150700.2.1fixed 12-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However

  • CVE-2025-38476HigJul 28, 2025
    affected < 9-150700.2.1fixed 9-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpl_do_srh_inline(). Running lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers the splat below [0]. rpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after skb_cow_he

  • CVE-2025-38352HigKEVJul 22, 2025
    affected < 10-150700.2.1fixed 10-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be

  • CVE-2025-38212HigJul 4, 2025
    affected < 3-150700.2.1fixed 3-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i

Page 2 of 9