VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (102)

  • CVE-2026-46209HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() drm_gem_fb_init_with_funcs() computes sub-sampled plane dimensions using plain integer division: unsigned int width = mo

  • CVE-2026-46181HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() Sashiko points out the radix_tree itself is RCU safe, but nothing ever frees the mlx4_srq struct with RCU, and it isn't even accessed within the RCU critical se

  • CVE-2026-46176HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() mlx5_ib_dev_res_srq_init() allocates two SRQs, s0 and s1. When ib_create_srq() fails for s1, the error branch destroys s0 but falls through a

  • CVE-2026-46159MedMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak btrfs_ioctl_space_info() has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entrie

  • CVE-2026-46157HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it ma

  • CVE-2026-46114HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads atomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c unconditionally dereferences 8 bytes at payload_addr(pkt): value = *(u64 *)payload_addr(pkt);

  • CVE-2026-46113HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index. This assumption breaks for shadow paging if the guest pag

  • CVE-2026-46111HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync Add hci_conn_valid() check in create_big_sync() to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in crea

  • CVE-2026-46110HigMay 28, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to th

  • CVE-2026-46094May 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access The bounds check for the next xattr entry in check_xattrs() uses (void *)next >= end, which allows next to point within sizeof(u32) bytes

  • CVE-2026-46090HigMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopback_check_format() may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa6

  • CVE-2026-46083May 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a device to avoid leaking any resources allocated by setup().

  • CVE-2026-46079May 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when device_add_disk() fails do_rbd_add() publishes the device with device_add() before calling device_add_disk(). If device_add_disk() fails after device_add() succeeds, the error path

  • CVE-2026-46043CriMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() currently checks only that the incoming packet is at least header_size(pkt) bytes long before payload_size() is used. However, payload

  • CVE-2026-46024HigMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() If a message of type CEPH_MSG_AUTH_REPLY contains a zero value for both protocol and result, this is currently not treated as an error. In c

  • CVE-2026-46021MedMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermal_zone_device_register_with_trips() fails after adding a thermal governor to the thermal zone being registered, the governor is not removed from

  • CVE-2026-46004HigMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setup_card() in caiaq driver doesn't treat the error cases gracefully, e.g. the error from snd_card_register() calls snd_card_free() but continue

  • CVE-2026-45984HigMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head (dibh) is being released prematurely in gfs2_iomap_begin() via release_metapath() while iomap->inline_data still points to di

  • CVE-2026-45983MedMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops (e.g. SETATTR) can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time

  • CVE-2026-45970HigMay 27, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlb_arp_recv during bond up/down The ALB RX path may access rx_hashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlb_deinitialize() frees rx_hashtbl while RX ha

Page 1 of 6