rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (286)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-37953 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres | ||
| CVE-2025-37951 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the reset was skipped When a CL/CSD job times out, we check if the GPU has made any progress since the last timeout. If so, instead of resetting the hardware, we skip the res | ||
| CVE-2025-37948 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program | ||
| CVE-2025-37946 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs With commit bcb5d6c76903 ("s390/pci: introduce lock to synchronize state of zpci_dev's") the code to ignore power off of a PF that h | ||
| CVE-2025-37944 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Currently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry to fetch the next entry from the destination ring. This is incor | ||
| CVE-2025-37943 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi | ||
| CVE-2025-37938 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that wi | ||
| CVE-2025-37937 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result is a divide-by-zero. Prevent that from happening. Fixes the follow | ||
| CVE-2025-37936 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. When generating the MSR_IA32_PEBS_ENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PE | ||
| CVE-2025-37934 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction Actually check if the passed pointers are valid, before writing to them. This also fixes a USBAN warning: UBSAN: invalid-load in ../ | ||
| CVE-2025-37933 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix host hang issue during device reboot When the host loses heartbeat messages from the device, the driver calls the device-specific ndo_stop function, which frees the resources. If the driver is un | ||
| CVE-2025-37932 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t | ||
| CVE-2025-37930 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveau_fence_signal(). However, in at least one other | ||
| CVE-2025-37929 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays Commit a5951389e58d ("arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists") added some additional CPUs to the Spectre-BHB | ||
| CVE-2025-37928 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet are enabled. [ 129.444685][ T934] BUG: sleeping function called from invalid con | ||
| CVE-2025-37927 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIID_LEN against a total string length doesn | ||
| CVE-2025-37923 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in trace_seq_to_buffer() syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/tr | ||
| CVE-2025-37921 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote (assuming one was configured) is dele | ||
| CVE-2025-37918 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() A NULL pointer dereference can occur in skb_dequeue() when processing a QCA firmware crash dump on WCN7851 (0489:e0f3). [ 93.672166] Bluetooth: | ||
| CVE-2025-37917 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver to avoid spinlock recursio |
- CVE-2025-37953May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres
- CVE-2025-37951May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the reset was skipped When a CL/CSD job times out, we check if the GPU has made any progress since the last timeout. If so, instead of resetting the hardware, we skip the res
- CVE-2025-37948May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program
- CVE-2025-37946May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs With commit bcb5d6c76903 ("s390/pci: introduce lock to synchronize state of zpci_dev's") the code to ignore power off of a PF that h
- CVE-2025-37944May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Currently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry to fetch the next entry from the destination ring. This is incor
- CVE-2025-37943May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi
- CVE-2025-37938May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that wi
- CVE-2025-37937May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result is a divide-by-zero. Prevent that from happening. Fixes the follow
- CVE-2025-37936May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. When generating the MSR_IA32_PEBS_ENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PE
- CVE-2025-37934May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction Actually check if the passed pointers are valid, before writing to them. This also fixes a USBAN warning: UBSAN: invalid-load in ../
- CVE-2025-37933May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix host hang issue during device reboot When the host loses heartbeat messages from the device, the driver calls the device-specific ndo_stop function, which frees the resources. If the driver is un
- CVE-2025-37932May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t
- CVE-2025-37930May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveau_fence_signal(). However, in at least one other
- CVE-2025-37929May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays Commit a5951389e58d ("arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists") added some additional CPUs to the Spectre-BHB
- CVE-2025-37928May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet are enabled. [ 129.444685][ T934] BUG: sleeping function called from invalid con
- CVE-2025-37927May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIID_LEN against a total string length doesn
- CVE-2025-37923May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in trace_seq_to_buffer() syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/tr
- CVE-2025-37921May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote (assuming one was configured) is dele
- CVE-2025-37918May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() A NULL pointer dereference can occur in skb_dequeue() when processing a QCA firmware crash dump on WCN7851 (0489:e0f3). [ 93.672166] Bluetooth:
- CVE-2025-37917May 20, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver to avoid spinlock recursio
Page 6 of 15