VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (476)

  • CVE-2025-39948Oct 4, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The ice_put_rx_mbuf() function handles calling ice_put_rx_buf() for each buffer in the current frame. This function was introduced as part of handling multi-buffer X

  • CVE-2025-39945Oct 4, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task The original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(), which does not guarantee that the delayed work item 'delete_task' has fully completed i

  • CVE-2025-39938Oct 4, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed If earlier opening of source graph fails (e.g. ADSP rejects due to incorrect audioreach topology), the graph is closed and "dai_

  • CVE-2025-39937Oct 4, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda ("net: rfkill: gpio: get the name and type from device property") rfkill_find_type() gets called with the poss

  • CVE-2025-39934Oct 4, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C t

  • CVE-2023-53528MedOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If create_qp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a s

  • CVE-2023-53526MedOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh->b_transaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2_journal_commit_transaction __jbd2_journal_insert_checkpoint(jh, commit_transaction) /

  • CVE-2023-53523MedOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: fix time stamp counter initialization If the gs_usb device driver is unloaded (or unbound) before the interface is shut down, the USB stack first calls the struct usb_driver::disconnect and then th

  • CVE-2023-53520MedOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the call trace: <4>[102152.

  • CVE-2023-53519MedOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with function: v4l2_m2m_num_s

  • CVE-2023-53516HigOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute named IFLA_MACVLAN_BC_CUTOFF

  • CVE-2023-53515HigOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devr

  • CVE-2023-53510HigOct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a

  • CVE-2023-53531Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: null_blk: fix poll request timeout handling When doing io_uring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. [1] BUG: kernel NULL pointer de

  • CVE-2023-53530Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete localhost kernel: BUG: using

  • CVE-2023-53527Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in tb_handle_dp_bandwidth_request() The memory allocated in tb_queue_dp_bandwidth_request() needs to be released once the request is handled to avoid leaking it.

  • CVE-2023-53518Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

  • CVE-2023-53508Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_

  • CVE-2023-53507Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister devlink params in case interface is down Currently, in case an interface is down, mlx5 driver doesn't unregister its devlink params, which leads to this WARN[1]. Fix it by unregistering dev

  • CVE-2023-53505Oct 1, 2025
    affected < 1-150700.1.3.1fixed 1-150700.1.3.1

    In the Linux kernel, the following vulnerability has been resolved: clk: tegra: tegra124-emc: Fix potential memory leak The tegra and tegra needs to be freed in the error handling path, otherwise it will be leaked.

Page 10 of 24