rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (286)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-37874 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after | ||
| CVE-2025-37873 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix missing ring index trim on error path Commit under Fixes converted tx_prod to be free running but missed masking it on the Tx error path. This crashes on error conditions, for example when DMA ma | ||
| CVE-2025-37871 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sc_count directly if fail to queue dl_recall A deadlock warning occurred when invoking nfs4_put_stid following a failed dl_recall queue operation: T1 T2 | ||
| CVE-2025-37869 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use local fence in error path of xe_migrate_clear The intent of the error path in xe_migrate_clear is to wait on locally generated fence and then return. The code is waiting on m->fence which could be t | ||
| CVE-2025-37868 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migrate_pages_batch() on core kernel side is holding folio lock(s) and then interacting with t | ||
| CVE-2025-37867 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Silence oversized kvmalloc() warning syzkaller triggered an oversized kvmalloc() warning. Silence it by adding __GFP_NOWARN. syzkaller log: WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node | ||
| CVE-2025-37865 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT: https://lore.kernel.org/ne | ||
| CVE-2025-37862 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optio | ||
| CVE-2025-37861 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid | ||
| CVE-2025-37859 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: page_pool: avoid infinite loop to schedule delayed worker We noticed the kworker in page_pool_release_retry() was waken up repeatedly and infinitely in production because of the buggy driver causing the infligh | ||
| CVE-2025-37858 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group (AG) size using 1 << l2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with >2TB aggregates on 3 | ||
| CVE-2025-37854 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue If HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal user space to abort the processes. After process abort exit, user queues still use the GPU to acc | ||
| CVE-2025-37853 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hang_hws skip GPU with MES debugfs hang_hws is used by GPU reset test with HWS, for MES this crash the kernel with NULL pointer access because dqm->packet_mgr is not setup for MES path. Ski | ||
| CVE-2025-37852 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() Add error handling to propagate amdgpu_cgs_create_device() failures to the caller. When amdgpu_cgs_create_device() fails, release h | ||
| CVE-2025-37851 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum parameter plane. The value of this parameter is initialized in dss_init_overlays a | ||
| CVE-2025-37850 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a divide-by-zero in the following line: do_div(resolution, clk_get_rate(p | ||
| CVE-2025-37849 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. | ||
| CVE-2025-37848 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix PM related deadlocks in MS IOCTLs Prevent runtime resume/suspend while MS IOCTLs are in progress. Failed suspend will call ivpu_ms_cleanup() that would try to acquire file_priv->ms_lock, which i | ||
| CVE-2025-37847 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in ivpu_ms_cleanup() Fix deadlock in ivpu_ms_cleanup() by preventing runtime resume after file_priv->ms_lock is acquired. During a failure in runtime resume, a cold boot is executed, w | ||
| CVE-2025-37844 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting |
- CVE-2025-37874May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after
- CVE-2025-37873May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix missing ring index trim on error path Commit under Fixes converted tx_prod to be free running but missed masking it on the Tx error path. This crashes on error conditions, for example when DMA ma
- CVE-2025-37871May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sc_count directly if fail to queue dl_recall A deadlock warning occurred when invoking nfs4_put_stid following a failed dl_recall queue operation: T1 T2
- CVE-2025-37869May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use local fence in error path of xe_migrate_clear The intent of the error path in xe_migrate_clear is to wait on locally generated fence and then return. The code is waiting on m->fence which could be t
- CVE-2025-37868May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migrate_pages_batch() on core kernel side is holding folio lock(s) and then interacting with t
- CVE-2025-37867May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Silence oversized kvmalloc() warning syzkaller triggered an oversized kvmalloc() warning. Silence it by adding __GFP_NOWARN. syzkaller log: WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node
- CVE-2025-37865May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT: https://lore.kernel.org/ne
- CVE-2025-37862May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optio
- CVE-2025-37861May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid
- CVE-2025-37859May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: page_pool: avoid infinite loop to schedule delayed worker We noticed the kworker in page_pool_release_retry() was waken up repeatedly and infinitely in production because of the buggy driver causing the infligh
- CVE-2025-37858May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group (AG) size using 1 << l2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with >2TB aggregates on 3
- CVE-2025-37854May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue If HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal user space to abort the processes. After process abort exit, user queues still use the GPU to acc
- CVE-2025-37853May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hang_hws skip GPU with MES debugfs hang_hws is used by GPU reset test with HWS, for MES this crash the kernel with NULL pointer access because dqm->packet_mgr is not setup for MES path. Ski
- CVE-2025-37852May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() Add error handling to propagate amdgpu_cgs_create_device() failures to the caller. When amdgpu_cgs_create_device() fails, release h
- CVE-2025-37851May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum parameter plane. The value of this parameter is initialized in dss_init_overlays a
- CVE-2025-37850May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a divide-by-zero in the following line: do_div(resolution, clk_get_rate(p
- CVE-2025-37849May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised.
- CVE-2025-37848May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix PM related deadlocks in MS IOCTLs Prevent runtime resume/suspend while MS IOCTLs are in progress. Failed suspend will call ivpu_ms_cleanup() that would try to acquire file_priv->ms_lock, which i
- CVE-2025-37847May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in ivpu_ms_cleanup() Fix deadlock in ivpu_ms_cleanup() by preventing runtime resume after file_priv->ms_lock is acquired. During a failure in runtime resume, a cold boot is executed, w
- CVE-2025-37844May 9, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting
Page 8 of 15