rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (270)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38154 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sk_socket after free when sending The sk->sk_socket is not locked or referenced in backlog thread, and during the call to skb_send_sock(), there is a race condition with the release of | ||
| CVE-2025-38153 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error (see report [1]) in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This p | ||
| CVE-2025-38151 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work The cited commit fixed a crash when cma_netevent_callback was called for a cma_id while work on that id from a previous call had not yet started | ||
| CVE-2025-38149 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the link is deleted There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach() calls device_link_del() t | ||
| CVE-2025-38148 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the | ||
| CVE-2025-38147 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AF_INET sk. syzkaller reported a null-ptr-deref in txopt_get(). [0] The offset 0x70 was of struct ipv6_txoptions in struct ipv6_pinfo, so struct ipv6_pinfo was NULL th | ||
| CVE-2025-38145 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() devm_kasprintf() returns NULL when memory allocation fails. Currently, aspeed_lpc_enable_snoop() does not check for this case, which results in a NULL po | ||
| CVE-2025-38143 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wled_configure() devm_kasprintf() returns NULL when memory allocation fails. Currently, wled_configure() does not check for this case, which results in a NULL pointer derefe | ||
| CVE-2025-38142 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (asus-ec-sensors) check sensor index in read_string() Prevent a potential invalid memory access when the requested sensor is not found. find_ec_sensor_index() may return a negative value (e.g. -ENOENT), | ||
| CVE-2025-38138 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Add NULL check in udma_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, udma_probe() does not check for this case, which results in a NULL pointer dereference. Add | ||
| CVE-2025-38136 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Reorder clock handling and power management in probe Reorder the initialization sequence in `usbhs_probe()` to enable runtime PM before accessing registers, preventing potential crashes due | ||
| CVE-2025-38135 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: Fix potential null-ptr-deref in mlb_usio_probe() devm_ioremap() can return NULL on error. Currently, mlb_usio_probe() does not check for this case, which could result in a NULL pointer dereference. Add | ||
| CVE-2025-38132 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable) | ||
| CVE-2025-38131 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfg_csdev_enable_active_config(), active config could be deactivated via configfs' sysfs interface. This co | ||
| CVE-2025-38129 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of | ||
| CVE-2025-38127 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In | ||
| CVE-2025-38126 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree | ||
| CVE-2025-38123 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, i | ||
| CVE-2025-38122 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. | ||
| CVE-2025-38120 | — | < 1-150700.1.5.1 | 1-150700.1.5.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early |
- CVE-2025-38154Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sk_socket after free when sending The sk->sk_socket is not locked or referenced in backlog thread, and during the call to skb_send_sock(), there is a race condition with the release of
- CVE-2025-38153Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error (see report [1]) in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This p
- CVE-2025-38151Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work The cited commit fixed a crash when cma_netevent_callback was called for a cma_id while work on that id from a previous call had not yet started
- CVE-2025-38149Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the link is deleted There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach() calls device_link_del() t
- CVE-2025-38148Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the
- CVE-2025-38147Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AF_INET sk. syzkaller reported a null-ptr-deref in txopt_get(). [0] The offset 0x70 was of struct ipv6_txoptions in struct ipv6_pinfo, so struct ipv6_pinfo was NULL th
- CVE-2025-38145Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() devm_kasprintf() returns NULL when memory allocation fails. Currently, aspeed_lpc_enable_snoop() does not check for this case, which results in a NULL po
- CVE-2025-38143Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wled_configure() devm_kasprintf() returns NULL when memory allocation fails. Currently, wled_configure() does not check for this case, which results in a NULL pointer derefe
- CVE-2025-38142Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (asus-ec-sensors) check sensor index in read_string() Prevent a potential invalid memory access when the requested sensor is not found. find_ec_sensor_index() may return a negative value (e.g. -ENOENT),
- CVE-2025-38138Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Add NULL check in udma_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, udma_probe() does not check for this case, which results in a NULL pointer dereference. Add
- CVE-2025-38136Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Reorder clock handling and power management in probe Reorder the initialization sequence in `usbhs_probe()` to enable runtime PM before accessing registers, preventing potential crashes due
- CVE-2025-38135Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: serial: Fix potential null-ptr-deref in mlb_usio_probe() devm_ioremap() can return NULL on error. Currently, mlb_usio_probe() does not check for this case, which could result in a NULL pointer dereference. Add
- CVE-2025-38132Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable)
- CVE-2025-38131Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfg_csdev_enable_active_config(), active config could be deactivated via configfs' sysfs interface. This co
- CVE-2025-38129Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of
- CVE-2025-38127Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In
- CVE-2025-38126Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree
- CVE-2025-38123Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, i
- CVE-2025-38122Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer.
- CVE-2025-38120Jul 3, 2025affected < 1-150700.1.5.1fixed 1-150700.1.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early
Page 11 of 14