VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (167)

  • CVE-2025-22062Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for

  • CVE-2025-22058Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional

  • CVE-2025-22057Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dst_release Upstream fix ac888d58869b ("net: do not delay dst_entries_add() in dst_release()") moved decrementing the dst count from dst_destroy to dst_release to avoid acce

  • CVE-2025-22056Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence

  • CVE-2025-22050Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. This incons

  • CVE-2025-22044Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl Syzkaller has reported a warning in to_nfit_bus_uuid(): "only secondary bus families can be translated". This warning is emited if the argument is equal to

  • CVE-2025-22033Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in do_compat_alignment_fixup() do_alignment_t32_to_handler() only fixes up alignment faults for specific instructions; it returns NULL otherwise (e.g. LDREX). When that's the case, signal

  • CVE-2025-22030Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_l

  • CVE-2025-22027Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function ir_raw_event_store_with_filter(). This crash is caused by a NULL pointer de

  • CVE-2025-22025Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: put dl_stid if fail to queue dl_recall Before calling nfsd4_run_cb to queue dl_recall to the callback_wq, we increment the reference count of dl_stid. We expect that after the corresponding work_struct is

  • CVE-2024-58095Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before txBeginAnon() call Added a read-only check before calling `txBeginAnon` in `extAlloc` and `extRecord`. This prevents modification attempts on a read-only mounted filesystem, avoi

  • CVE-2024-58094Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the `jfs_truncate_nolock` function to avoid errors related to writing to a read-only filesystem. Call s

  • CVE-2024-58093Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free"), we would free the ASPM link only after the l

  • CVE-2023-53034Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and size. This would make xlate_pos negative. [ 23.734156] switcht

  • CVE-2025-22021Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket (if any).

  • CVE-2025-22018Apr 16, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holding_time are NULL. Because there is only for the situ

  • CVE-2025-21964Apr 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s

  • CVE-2025-21963Apr 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s

  • CVE-2025-21962Apr 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted fr

  • CVE-2025-21929Apr 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() During the `rmmod` operation for the `intel_ishtp_hid` driver, a use-after-free issue can occur in the hid_ishtp_cl_remove() function. The f

Page 7 of 9