rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_5&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (104)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-39816 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths Since the buffers are mapped from userspace, it is prudent to use READ_ONCE() to read the value into a local variable, and use that for |
| CVE-2025-39834 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow When an invalid stc_type is provided, the function allocates memory for shared_stc but jumps to unlock_and_out without freeing it, caus |
| CVE-2025-39830 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path In the error path of hws_pool_buddy_init(), the buddy allocator cleanup doesn't free the allocator structure itself, causing a memory leak. Add |
| CVE-2025-39811 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratch_pt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xe_vm_free_scratch() by clearing any scratch_pt error pointer. (cherry picked from commit 358ee |
| CVE-2025-39807 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add error handling for old state CRTC in atomic_disable Introduce error handling to address an issue where, after a hotplug event, the cursor continues to update. This situation can lead to a kern |
| CVE-2023-53261 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: Fix memory leak in acpi_buffer->pointer There are memory leaks reported by kmemleak: ... unreferenced object 0xffff00213c141000 (size 1024): comm "systemd-udevd", pid 2123, jiffies 4294909467 (age |
| CVE-2025-39797 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI Netlink message, which triggers the kernel function xfrm_alloc_spi(). This function is expected to ensure uniquen |
| CVE-2025-40300 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already |
| CVE-2025-39787 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessarily the case for other clients. Validate |
| CVE-2025-39782 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list() periodically release j_list_lock after processing a batch of buffers to avoid long ho |
| CVE-2025-39773 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If the time is smaller than |
| CVE-2025-39770 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM When performing Generic Segmentation Offload (GSO) on an IPv6 packet that contains extension headers, the kernel incorrectly requests che |
| CVE-2025-39766 | Hig | 7.8 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit The following setup can trigger a WARNING in htb_activate due to the condition: !cl->leaf.q->q.qlen tc qdisc del dev lo root tc qdisc add |
| CVE-2025-39764 | Med | 5.5 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hin |
| CVE-2025-39749 | Hig | 7.0 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcu: Protect ->defer_qs_iw_pending from data race On kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is invoked within an interrupts-disabled region of code [1], it will invoke rcu_read_unlock_spec |
| CVE-2025-39738 | Hig | 7.8 | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not allow relocation of partially dropped subvolumes [BUG] There is an internal report that balance triggered transaction abort, with the following call trace: item 85 key (594509824 169 0) itemoff |
| CVE-2025-39754 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smaps_hugetlb_range and migration smaps_hugetlb_range() handles the pte without holding ptl, and may be concurrent with migration, leading to BUG_ON in pfn_swap_entry_to_page(). The |
| CVE-2025-39747 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Add error handling for krealloc in metadata setup Function msm_ioctl_gem_info_set_metadata() now checks for krealloc failure and returns -ENOMEM, avoiding potential NULL pointer dereference. Explicitly |
| CVE-2025-39746 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: shutdown driver when hardware is unreliable In rare cases, ath10k may lose connection with the PCIe bus due to some unknown reasons, which could further lead to system crashes during resuming due |
| CVE-2025-39744 | — | | | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcu_read_unlock() deadloop due to IRQ work During rcu_read_unlock_special(), if this happens during irq_exit(), we can lockup if an IPI is issued. This is because the IPI itself triggers the irq_exit() |