rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (174)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-71130 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb->vma[i].vma pointers |
| CVE-2025-71123 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 ("string.h: Introduce me |
| CVE-2025-71120 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres |
| CVE-2025-71119 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Wakin |
| CVE-2025-71118 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if start_node is NULL Although commit 0c9992315e73 ("ACPICA: Avoid walking the ACPI Namespace if it is not there") fixed the situation when both start_node and acpi_gbl_root_ |
| CVE-2025-71116 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encoded length of ceph_pg_pool envelope is less than what is expected for a particular |
| CVE-2025-71114 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: via_wdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocate_resource() to reserve a MMIO region for the watchdog control register. However, the allocated resource wa |
| CVE-2025-71112 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_V |
| CVE-2025-71111 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU The macro FAN_FROM_REG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Che |
| CVE-2025-71108 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to |
| CVE-2025-71089 | Hig | 7.8 | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing (SVA). |
| CVE-2025-71066 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change zdi-disclosures@trendmicro.com says: The vulnerability is a race condition between `ets_qdisc_dequeue` and `ets_qdisc_ch |
| CVE-2025-71064 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the num_tqps in the vf driver to apply for resources Currently, hdev->htqp is allocated using hdev->num_tqps, and kinfo->tqp is allocated using kinfo->num_tqps. However, kinfo->num_tqps is set |
| CVE-2025-68820 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checki |
| CVE-2025-68819 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() rlen value is a user-controlled value, but dtv5100_i2c_msg() does not check the size of the rlen value. Therefore, if it is set to a value larger |
| CVE-2025-68816 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings |
| CVE-2025-68815 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr class from the active list if it changes to strict Whenever a user issues an ets qdisc change command, transforming a drr class into a strict one, the ets code isn't checking whether |
| CVE-2025-68814 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as havin |
| CVE-2025-68813 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL pointer dereference in fib_compute_spec_ |
| CVE-2025-68808 | — | | | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtv_channel_si_init() creates a temporary list (program, service, event) and ownership of the memory itself is transferred to the PAT/ |