rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_5&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (104)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38590 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed | ||
| CVE-2025-38574 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptp_xmit() Commit aabc6596ffb3 ("net: ppp: Add bound checking for skb data on ppp_sync_txmung") fixed ppp_sync_txmunge() We need a similar fix in pptp_xmit(), otherwise we m | ||
| CVE-2025-38556 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. | ||
| CVE-2025-38544 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg() and | ||
| CVE-2025-38533 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wx_rx_buffer structure contained two DMA address fields: 'dma' and 'page_dma'. However, only 'page_dma' was actually initialized and used to program the Rx descrip | ||
| CVE-2025-38527 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileIn | ||
| CVE-2025-38526 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function ice_lag_is_switchdev_running() is being called from outside of the LAG event handler code. This results in the lag->upper_netdev being NULL sometimes. To | ||
| CVE-2025-38514 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AF_RXRPC service socket is opened and bound, but calls are preallocated, then rxrpc_alloc_incoming_call() will oops because the rxrpc_backlo | ||
| CVE-2025-38488 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However | ||
| CVE-2025-38466 | Med | 5.5 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the re | |
| CVE-2025-38456 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() The "intf" list iterator is an invalid pointer if the correct "intf->intf_num" is not found. Calling atomic_dec(&intf->nr_users) on and in | ||
| CVE-2025-38419 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() When rproc->state = RPROC_DETACHED and rproc_attach() is used to attach to the remote processor, if rproc_handl | ||
| CVE-2025-38418 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc->clean_table after rproc_attach() fails When rproc->state = RPROC_DETACHED is attached to remote processor through rproc_attach(), if rproc_handle_resources() returns failure, th | ||
| CVE-2025-38408 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize `ops` member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work context. Otherwise the pointers | ||
| CVE-2025-38402 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation | ||
| CVE-2025-38351 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX allow | ||
| CVE-2025-38263 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cache_set_flush() 1. LINE#1794 - LINE#1887 is some codes about function of bch_cache_set_alloc(). 2. LINE#2078 - LINE#2142 is some codes about function of register_cache_set(). | ||
| CVE-2025-38255 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() While testing null_blk with configfs, echo 0 > poll_queues will trigger following panic: BUG: kernel NULL pointer dereference, address: 000 | ||
| CVE-2025-38234 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do | ||
| CVE-2025-38216 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 ("iommu/vt-d: Add support for static identity domain") changed the context entry setup during domain attachment from a set-a |
- CVE-2025-38590Aug 19, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed
- CVE-2025-38574Aug 19, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptp_xmit() Commit aabc6596ffb3 ("net: ppp: Add bound checking for skb data on ppp_sync_txmung") fixed ppp_sync_txmunge() We need a similar fix in pptp_xmit(), otherwise we m
- CVE-2025-38556Aug 19, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity.
- CVE-2025-38544Aug 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg() and
- CVE-2025-38533Aug 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wx_rx_buffer structure contained two DMA address fields: 'dma' and 'page_dma'. However, only 'page_dma' was actually initialized and used to program the Rx descrip
- CVE-2025-38527Aug 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileIn
- CVE-2025-38526Aug 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function ice_lag_is_switchdev_running() is being called from outside of the LAG event handler code. This results in the lag->upper_netdev being NULL sometimes. To
- CVE-2025-38514Aug 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AF_RXRPC service socket is opened and bound, but calls are preallocated, then rxrpc_alloc_incoming_call() will oops because the rxrpc_backlo
- CVE-2025-38488Jul 28, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the re
- CVE-2025-38456Jul 25, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() The "intf" list iterator is an invalid pointer if the correct "intf->intf_num" is not found. Calling atomic_dec(&intf->nr_users) on and in
- CVE-2025-38419Jul 25, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() When rproc->state = RPROC_DETACHED and rproc_attach() is used to attach to the remote processor, if rproc_handl
- CVE-2025-38418Jul 25, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc->clean_table after rproc_attach() fails When rproc->state = RPROC_DETACHED is attached to remote processor through rproc_attach(), if rproc_handle_resources() returns failure, th
- CVE-2025-38408Jul 25, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize `ops` member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work context. Otherwise the pointers
- CVE-2025-38402Jul 25, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation
- CVE-2025-38351Jul 19, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX allow
- CVE-2025-38263Jul 9, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cache_set_flush() 1. LINE#1794 - LINE#1887 is some codes about function of bch_cache_set_alloc(). 2. LINE#2078 - LINE#2142 is some codes about function of register_cache_set().
- CVE-2025-38255Jul 9, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() While testing null_blk with configfs, echo 0 > poll_queues will trigger following panic: BUG: kernel NULL pointer dereference, address: 000
- CVE-2025-38234Jul 4, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do
- CVE-2025-38216Jul 4, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 ("iommu/vt-d: Add support for static identity domain") changed the context entry setup during domain attachment from a set-a
Page 5 of 6