VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (102)

  • CVE-2026-43059HigMay 5, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers Commit 302a1f674c00 ("Bluetooth: MGMT: Fix possible UAFs") introduced mgmt_pending_valid(), which not only validates the pending command

  • CVE-2026-43054MedMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Drain commands in target_reset handler tcm_loop_target_reset() violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation (scsi

  • CVE-2026-43052HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211_tdls_oper When NL80211_TDLS_ENABLE_LINK is called, the code only checks if the station exists but not whether it is actually a TDLS station. This allows the operatio

  • CVE-2026-43040HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTM_NEWNDUSEROPT netlink m

  • CVE-2026-43030HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe() for pointers to packet In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may return true which may lead to current state with valid packet range not being explored

  • CVE-2026-43026MedMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent ctnetlink_alloc_expect() allocates expectations from a non-zeroing slab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not presen

  • CVE-2026-43013MedMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: lag: Check for LAG device before creating debugfs __mlx5_lag_dev_add_mdev() may return 0 (success) even when an error occurs that is handled gracefully. Consequently, the initialization flow proceeds

  • CVE-2026-43009HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrack_insn encounters a BPF_STX instruction with BPF_ATOMIC and BPF_FETCH, the src register (or r0 for BPF_CMPXCHG) also acts as a dest

  • CVE-2026-31774HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs() sqe->len is __u32 but gets stored into sr->len which is int. When userspace passes sqe->len values exceeding INT_MAX (e.g. 0xFFFFFFFF), sr->len ove

  • CVE-2026-31767MedMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the compression ratio in command mode. Bspec seems to be telling us to do this only

  • CVE-2026-31758HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmc_release When calling usbtmc_release, pending anchored URBs must be flushed or killed to prevent use-after-free errors (e.g. in the HCD giveback path). Call usbtmc_draw

  • CVE-2026-31703HigMay 1, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: writeback: Fix use after free in inode_switch_wbs_work_fn() inode_switch_wbs_work_fn() has a loop like: wb_get(new_wb); while (1) { list = llist_del_all(&new_wb->switch_wbs_ctxs); /* Nothing to do?

  • CVE-2026-31678HigApr 25, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent rea

  • CVE-2026-31673HigApr 25, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path under unix_state_lock() and drops

  • CVE-2026-31671MedApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed b

  • CVE-2026-31655MedApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled Keep the NOC_HDCP clock always enabled to fix the potential hang caused by the NoC ADB400 port power down handshake.

  • CVE-2026-31629HigApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCP_CLOSED checks In nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket state is LLCP_CLOSED, the code correctly calls release_sock() and nfc_llcp_sock_put() but

  • CVE-2026-31614HigApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in check_wsl_eas() The bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA name and value, but ea_data sits at offset sizeof(struct smb2_file_full_ea_info) =

  • CVE-2026-31613HigApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUS_STOPPED_ON_SYMLINK, smb2_check_message() returns success without any length validation, leaving the symlink parsers as the

  • CVE-2026-31596MedApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI RIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Cod

Page 4 of 6