VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_11&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (45)

  • CVE-2026-23274HigMar 20, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio

  • CVE-2026-23272HigMar 20, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be

  • CVE-2026-23270HigMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held b

  • CVE-2026-23259MedMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through io_req_rw_cleanup() and has an allocated iovec attached and fails to put to the rw_cache, then it may end

  • CVE-2026-23255MedMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Real issue is that ptype_seq_next() and ptype_seq_show() violate RCU rules. ptype_

  • CVE-2025-71269MedMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an o

  • CVE-2025-71268MedMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from __cow_file_range_inline() without freeing the reserved qgroup dat

  • CVE-2026-23243HigMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len

  • CVE-2026-23242HigMar 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp-

  • CVE-2026-23231HigMar 4, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If nf_tables_reg

  • CVE-2025-71231Feb 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empt

  • CVE-2026-23216Feb 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() In iscsit_dec_conn_usage_count(), the function calls complete() while holding the conn->conn_usage_lock. As soon as complete() is invoked

  • CVE-2026-23215Feb 18, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobbers Fedora QA reported the following panic: BUG: unable to handle page fault for address: 0000000040003e54 #PF: supervisor write access in kernel mode #PF: error_code(0x000

  • CVE-2026-23193HigFeb 14, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function calls complete() while holding the sess->session_usage_lock. Similar to the connecti

  • CVE-2026-23201Feb 14, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree() in parse_longname() This fixes a kernel oops when reading ceph snapshot directories (.snap), for example by simply running `ls /mnt/my_ceph/.snap`. The variabl

  • CVE-2026-23187Feb 14, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains Fix out-of-range access of bc->domains in imx8m_blk_ctrl_remove().

  • CVE-2026-23136HigFeb 14, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply

  • CVE-2026-23140Feb 14, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_frame structure takes up part of the XDP frame headroom, limiting the size of the metadata. However, in bpf_test_run, we don't take t

  • CVE-2026-23120Feb 14, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tp_tunnel_del_work() We should read sk->sk_socket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tp_tunnel_del_work /

  • CVE-2026-23103HigFeb 4, 2026
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so