rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (174)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-71098 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ip6_gre: make ip6gre_header() robust Over the years, syzbot found many ways to crash the kernel in ip6gre_header() [1]. This involves team or bonding drivers ability to dynamically change their dev->needed_hea | ||
| CVE-2025-71097 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fib_table_flush() is called to flush all the routes that are using the | ||
| CVE-2025-71096 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly The netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a LS_NLA_TYPE_DGID attribute, it is invalid if it does not. Use the nl parsi | ||
| CVE-2025-71095 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDP_TX action There is a crash issue when running zero copy XDP_TX action, the crash log is shown below. [ 216.122464] Unable to handle kernel paging request at | ||
| CVE-2025-71094 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asix_read_phy_addr(). A malicious or faulty device can return an invalid address (>= PHY_MAX_ADDR), | ||
| CVE-2025-71093 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we read the last byte of the frame via 'data[length - 1]' to evaluate the TBI workaround. If the descriptor- reported length is zero or l | ||
| CVE-2025-71091 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_override_port_prio_changed() There has been a syzkaller bug reported recently with the following trace: list_del corruption, ffff888058bea080->prev is LIST_POISON | ||
| CVE-2025-71088 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c | ||
| CVE-2025-71087 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg() There are off-by-one bugs when configuring RSS hash key and lookup table, causing out-of-bounds reads to memory [1] and out-of-bounds writes to device regist | ||
| CVE-2025-71086 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a device being brought down. T | ||
| CVE-2025-71085 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t | ||
| CVE-2025-71084 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancel_work_sync() will prevent the work from running which also pr | ||
| CVE-2025-71083 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the content | ||
| CVE-2025-71082 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devm_kzalloc in btusb This reverts commit 98921dbd00c4e ("Bluetooth: Use devm_kzalloc in btusb.c file"). In btusb_probe(), we use devm_kzalloc() to allocate the btusb data. This | ||
| CVE-2025-71081 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the set_sync() callback fails during DAI probe. Make s | ||
| CVE-2025-71080 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT On PREEMPT_RT kernels, after rt6_get_pcpu_route() returns NULL, the current task can be preempted. Another task running on the same CPU may then execute | ||
| CVE-2025-71079 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write A deadlock can occur between nfc_unregister_device() and rfkill_fop_write() due to lock ordering inversion between device_lock and rfkil | ||
| CVE-2025-71078 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache i | ||
| CVE-2025-71077 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only | ||
| CVE-2025-71076 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. |
- CVE-2025-71098Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ip6_gre: make ip6gre_header() robust Over the years, syzbot found many ways to crash the kernel in ip6gre_header() [1]. This involves team or bonding drivers ability to dynamically change their dev->needed_hea
- CVE-2025-71097Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fib_table_flush() is called to flush all the routes that are using the
- CVE-2025-71096Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly The netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a LS_NLA_TYPE_DGID attribute, it is invalid if it does not. Use the nl parsi
- CVE-2025-71095Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDP_TX action There is a crash issue when running zero copy XDP_TX action, the crash log is shown below. [ 216.122464] Unable to handle kernel paging request at
- CVE-2025-71094Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asix_read_phy_addr(). A malicious or faulty device can return an invalid address (>= PHY_MAX_ADDR),
- CVE-2025-71093Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we read the last byte of the frame via 'data[length - 1]' to evaluate the TBI workaround. If the descriptor- reported length is zero or l
- CVE-2025-71091Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_override_port_prio_changed() There has been a syzkaller bug reported recently with the following trace: list_del corruption, ffff888058bea080->prev is LIST_POISON
- CVE-2025-71088Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c
- CVE-2025-71087Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg() There are off-by-one bugs when configuring RSS hash key and lookup table, causing out-of-bounds reads to memory [1] and out-of-bounds writes to device regist
- CVE-2025-71086Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a device being brought down. T
- CVE-2025-71085Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t
- CVE-2025-71084Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancel_work_sync() will prevent the work from running which also pr
- CVE-2025-71083Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the content
- CVE-2025-71082Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devm_kzalloc in btusb This reverts commit 98921dbd00c4e ("Bluetooth: Use devm_kzalloc in btusb.c file"). In btusb_probe(), we use devm_kzalloc() to allocate the btusb data. This
- CVE-2025-71081Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the set_sync() callback fails during DAI probe. Make s
- CVE-2025-71080Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT On PREEMPT_RT kernels, after rt6_get_pcpu_route() returns NULL, the current task can be preempted. Another task running on the same CPU may then execute
- CVE-2025-71079Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write A deadlock can occur between nfc_unregister_device() and rfkill_fop_write() due to lock ordering inversion between device_lock and rfkil
- CVE-2025-71078Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache i
- CVE-2025-71077Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only
- CVE-2025-71076Jan 13, 2026affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations.
Page 5 of 9