rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_6&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (476)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53304 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes | ||
| CVE-2025-39828 | Hig | 7.8 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). syzbot reported the splat below. [0] When atmtcp_v_open() or atmtcp_v_close() is called via connect() or close(), atmtcp_send_control() is called | |
| CVE-2025-39827 | Med | 5.5 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in rose_neigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct rose_neigh tracks references from rose_node str | |
| CVE-2025-39826 | Hig | 7.0 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcount_t The 'use' field in struct rose_neigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a rose_neigh structure is freed while | |
| CVE-2025-39824 | Hig | 7.8 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the HID_CONNECT_DEFAULT connect ma | |
| CVE-2025-39813 | Med | 4.7 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race co | |
| CVE-2025-39812 | Med | 5.5 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctp_v6_from_sk() syzbot found that sin6_scope_id was not properly initialized, leading to undefined behavior. Clear sin6_scope_id and sin6_flowinfo. BUG: KMSAN: uninit-value i | |
| CVE-2025-39808 | Med | 5.5 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() in ntrig_report_version(), hdev parameter passed from hid_probe(). sending descriptor to /dev/uhid can make hdev->dev.parent->parent to | |
| CVE-2025-39806 | Hig | 7.1 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_re | |
| CVE-2025-39833 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIG_DEBUG_OBJECTS_TIMERS unloading hfcpci module leads to the following splat: [ 250.215892] ODEBUG: assert_init not available (active stat | ||
| CVE-2025-39832 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fw_activate option, the | ||
| CVE-2025-39810 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix memory corruption when FW resources change during ifdown bnxt_set_dflt_rings() assumes that it is always called before any TC has been created. So it doesn't take bp->num_tc into account and assum | ||
| CVE-2023-53292 | Med | 5.5 | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none After grabbing q->sysfs_lock, q->elevator may become NULL because of elevator switch. Fix the NULL dereference on q->elevator by checking i | |
| CVE-2023-53303 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule() Inject fault When select CONFIG_VCAP_KUNIT_TEST, the below memory leak occurs. If kzalloc() for duprule succeeds, but the following kmemdup | ||
| CVE-2023-53291 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale Running the 'kfree_rcu_test' test case [1] results in a splat [2]. The root cause is the kfree_scale_thread thread(s) continue running af | ||
| CVE-2023-53288 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm] | ||
| CVE-2023-53287 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume supplier | ||
| CVE-2023-53286 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W | ||
| CVE-2023-53280 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3 | ||
| CVE-2023-53275 | — | < 1-150700.1.3.1 | 1-150700.1.3.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access |
- CVE-2023-53304Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). syzbot reported the splat below. [0] When atmtcp_v_open() or atmtcp_v_close() is called via connect() or close(), atmtcp_send_control() is called
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in rose_neigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct rose_neigh tracks references from rose_node str
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcount_t The 'use' field in struct rose_neigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a rose_neigh structure is freed while
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the HID_CONNECT_DEFAULT connect ma
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race co
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctp_v6_from_sk() syzbot found that sin6_scope_id was not properly initialized, leading to undefined behavior. Clear sin6_scope_id and sin6_flowinfo. BUG: KMSAN: uninit-value i
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() in ntrig_report_version(), hdev parameter passed from hid_probe(). sending descriptor to /dev/uhid can make hdev->dev.parent->parent to
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_re
- CVE-2025-39833Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIG_DEBUG_OBJECTS_TIMERS unloading hfcpci module leads to the following splat: [ 250.215892] ODEBUG: assert_init not available (active stat
- CVE-2025-39832Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fw_activate option, the
- CVE-2025-39810Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix memory corruption when FW resources change during ifdown bnxt_set_dflt_rings() assumes that it is always called before any TC has been created. So it doesn't take bp->num_tc into account and assum
- affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none After grabbing q->sysfs_lock, q->elevator may become NULL because of elevator switch. Fix the NULL dereference on q->elevator by checking i
- CVE-2023-53303Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule() Inject fault When select CONFIG_VCAP_KUNIT_TEST, the below memory leak occurs. If kzalloc() for duprule succeeds, but the following kmemdup
- CVE-2023-53291Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale Running the 'kfree_rcu_test' test case [1] results in a splat [2]. The root cause is the kfree_scale_thread thread(s) continue running af
- CVE-2023-53288Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm]
- CVE-2023-53287Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume supplier
- CVE-2023-53286Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W
- CVE-2023-53280Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3
- CVE-2023-53275Sep 16, 2025affected < 1-150700.1.3.1fixed 1-150700.1.3.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access
Page 17 of 24