rpm package
suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (174)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68285 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both | ||
| CVE-2025-68284 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes wh | ||
| CVE-2025-68261 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() Fix a race between inline data destruction and block mapping. The function ext4_destroy_inline_data_nolock() changes the inode data layout b | ||
| CVE-2025-68256 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser The Information Element (IE) parser rtw_get_ie() trusted the length byte of each IE without validating that the IE body (len bytes after the 2-b | ||
| CVE-2025-68254 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates (ESR) IE handling in OnBeacon accessed *(p + 1 + ielen) and *(p + 2 + ielen) without verifying that these offse | ||
| CVE-2025-68245 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18 ("netpoll: fix use after free") incorrectly ignored the refcount and prematurely set dev->npinfo to NULL during netpol | ||
| CVE-2025-68241 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe The sit driver's packet transmission path calls: sit_tunnel_xmit() -> update_or_create_fnhe(), which lead to fnhe_remove_oldest() being called | ||
| CVE-2025-68227 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the sk_prot of sockets during protocol stack processing with sockmap's cust | ||
| CVE-2025-68215 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP | ||
| CVE-2025-68200 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpf_prog_run_data_pointers() syzbot found that cls_bpf_classify() is able to change tc_skb_cb(skb)->drop_reason triggering a warning in sk_skb_reason_drop(). WARNING: CPU: 0 PID: 5965 at net/core/skbu | ||
| CVE-2025-68188 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() Use RCU to avoid a pair of atomic operations and a potential UAF on dst_dev()->flags. | ||
| CVE-2025-68178 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix possible deadlock while configuring policy Following deadlock can be triggered easily by lockdep: WARNING: possible circular locking dependency detected 6.17.0-rc3-00124-ga12c2658ced0 #1665 Not | ||
| CVE-2025-68174 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfd_processes_table is empty. kfd_prcesses_table entry is deleted in kfd_process_notifier_release, but kfd_proces | ||
| CVE-2025-68171 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: fpu__cle | ||
| CVE-2025-40363 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6_output() and ah6_output_done() where extension headers are copied to/from IPv6 address fields, triggering fort | ||
| CVE-2025-40355 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: sysfs: check visibility before changing group attribute ownership Since commit 0c17270f9b92 ("net: sysfs: Implement is_visible for phys_(port_id, port_name, switch_id)"), __dev_change_net_namespace() can hit WA | ||
| CVE-2025-40350 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ XDP programs can change the layout of an xdp_buff through bpf_xdp_adjust_tail() and bpf_xdp_adjust_head(). Therefore, the driver cannot | ||
| CVE-2025-40328 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_close_cached_fid() find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list_lock is acquired in smb2 | ||
| CVE-2025-40264 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site. This may lead to dereferencing a NULL pointer when process | ||
| CVE-2025-40261 | — | < 1-150700.1.3.2 | 1-150700.1.3.2 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after ca |
- CVE-2025-68285Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both
- CVE-2025-68284Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes wh
- CVE-2025-68261Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() Fix a race between inline data destruction and block mapping. The function ext4_destroy_inline_data_nolock() changes the inode data layout b
- CVE-2025-68256Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser The Information Element (IE) parser rtw_get_ie() trusted the length byte of each IE without validating that the IE body (len bytes after the 2-b
- CVE-2025-68254Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates (ESR) IE handling in OnBeacon accessed *(p + 1 + ielen) and *(p + 2 + ielen) without verifying that these offse
- CVE-2025-68245Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18 ("netpoll: fix use after free") incorrectly ignored the refcount and prematurely set dev->npinfo to NULL during netpol
- CVE-2025-68241Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe The sit driver's packet transmission path calls: sit_tunnel_xmit() -> update_or_create_fnhe(), which lead to fnhe_remove_oldest() being called
- CVE-2025-68227Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the sk_prot of sockets during protocol stack processing with sockmap's cust
- CVE-2025-68215Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP
- CVE-2025-68200Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpf_prog_run_data_pointers() syzbot found that cls_bpf_classify() is able to change tc_skb_cb(skb)->drop_reason triggering a warning in sk_skb_reason_drop(). WARNING: CPU: 0 PID: 5965 at net/core/skbu
- CVE-2025-68188Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() Use RCU to avoid a pair of atomic operations and a potential UAF on dst_dev()->flags.
- CVE-2025-68178Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix possible deadlock while configuring policy Following deadlock can be triggered easily by lockdep: WARNING: possible circular locking dependency detected 6.17.0-rc3-00124-ga12c2658ced0 #1665 Not
- CVE-2025-68174Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfd_processes_table is empty. kfd_prcesses_table entry is deleted in kfd_process_notifier_release, but kfd_proces
- CVE-2025-68171Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: fpu__cle
- CVE-2025-40363Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6_output() and ah6_output_done() where extension headers are copied to/from IPv6 address fields, triggering fort
- CVE-2025-40355Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: sysfs: check visibility before changing group attribute ownership Since commit 0c17270f9b92 ("net: sysfs: Implement is_visible for phys_(port_id, port_name, switch_id)"), __dev_change_net_namespace() can hit WA
- CVE-2025-40350Dec 16, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ XDP programs can change the layout of an xdp_buff through bpf_xdp_adjust_tail() and bpf_xdp_adjust_head(). Therefore, the driver cannot
- CVE-2025-40328Dec 9, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_close_cached_fid() find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list_lock is acquired in smb2
- CVE-2025-40264Dec 4, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site. This may lead to dereferencing a NULL pointer when process
- CVE-2025-40261Dec 4, 2025affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after ca
Page 7 of 9