VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (102)

  • CVE-2026-31591MedApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its stat

  • CVE-2026-31590MedApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION Drop the WARN in sev_pin_memory() on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing:

  • CVE-2026-31546MedApr 24, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_hashtbl_used_head list with slave set to NULL when no replacement slave is available

  • CVE-2026-31518MedApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output co

  • CVE-2026-31516HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policy_hthresh.work from racing with netns teardown A XFRM_MSG_NEWSPDINFO request can queue the per-net work item policy_hthresh.work onto the system workqueue. The queued callback, xfrm_hash_reb

  • CVE-2026-31493HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the com

  • CVE-2026-31480MedApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutex_lock(&inter

  • CVE-2026-31473HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex MEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0) queue teardown paths. This can race request object cleanup against vb2 que

  • CVE-2026-31464HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() A malicious or compromised VIO server can return a num_written value in the discover targets MAD response that exceeds max_targets. This value is s

  • CVE-2026-31455HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any

  • CVE-2026-31454HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects t

  • CVE-2026-31448CriApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails (in this example, because the fil

  • CVE-2026-31446HigApr 22, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in update_super_work when racing with umount Commit b98535d09179 ("ext4: fix bug_on in start_this_handle during umount filesystem") moved ext4_unregister_sysfs() before flushing s_sb_up

  • CVE-2026-31396HigApr 3, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via get_ts_info ethtool call which is poss

  • CVE-2026-23444HigApr 3, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure ieee80211_tx_prepare_skb() has three error paths, but only two of them free the skb. The first error path (ieee80211_tx_prepare() returning

  • CVE-2026-23438MedApr 3, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with global_tx_fc in buffer switching mvpp2_bm_switch_buffers() unconditionally calls mvpp2_bm_pool_update_priv_fc() when switching between per-cpu and shared buffer pool m

  • CVE-2026-23359HigMar 25, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of

  • CVE-2026-23327HigMar 25, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() cxl_payload_from_user_allowed() casts and dereferences the input payload without first verifying its size. When a raw

  • CVE-2026-23303MedMar 25, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log

  • CVE-2026-3150MedFeb 25, 2026
    affected < 1-150700.1.5.2fixed 1-150700.1.5.2

    A security vulnerability has been detected in itsourcecode College Management System 1.0. This affects an unknown part of the file /admin/display-teacher.php. The manipulation of the argument teacher_id leads to sql injection. The attack is possible to be carried out remotely. Th

Page 5 of 6