VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (371)

  • CVE-2025-38206Jul 4, 2025
    affected < 6-150700.2.1fixed 6-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre

  • CVE-2025-38181Jul 4, 2025
    affected < 4-150700.2.1fixed 4-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_

  • CVE-2025-38111HigJul 3, 2025
    affected < 10-150700.2.1fixed 10-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of

  • CVE-2025-38159Jul 3, 2025
    affected < 12-150700.2.1fixed 12-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes:

  • CVE-2025-38129Jul 3, 2025
    affected < 11-150700.2.1fixed 11-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of

  • CVE-2025-38110Jul 3, 2025
    affected < 6-150700.2.1fixed 6-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t

  • CVE-2025-38109Jul 3, 2025
    affected < 4-150700.2.1fixed 4-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop

  • CVE-2025-38089Jun 30, 2025
    affected < 5-150700.2.1fixed 5-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC rep

  • CVE-2025-38087Jun 30, 2025
    affected < 3-150700.2.1fixed 3-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding

  • CVE-2025-38083MedJun 20, 2025
    affected < 2-150700.2.1fixed 2-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU

  • CVE-2025-38001Jun 6, 2025
    affected < 3-150700.2.1fixed 3-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

  • CVE-2025-38000Jun 6, 2025
    affected < 3-150700.2.1fixed 3-150700.2.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

  • CVE-2025-37974May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpci_create_device() error return The zpci_create_device() function returns an error pointer that needs to be checked before dereferencing it as a struct zpci_dev pointer. Add th

  • CVE-2025-37960May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: memblock: Accept allocated memory before use in memblock_double_array() When increasing the array size in memblock_double_array() and the slab is not yet available, a call to memblock_find_in_range() is used to

  • CVE-2025-37958May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate

  • CVE-2025-37957May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f ("KVM: x86: forcibly leave nested mode on vCPU reset") addressed an issue where a triple fault occurring in nested mode

  • CVE-2025-37949May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:__wake_up_common+0x4c/

  • CVE-2024-28956MedMay 13, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2025-37887May 9, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command the driver might at the least print garbage and at the worst crash when the user runs th

  • CVE-2025-37886May 9, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: pds_core: make wait_context part of q_info Make the wait_context a full part of the q_info struct rather than a stack variable that goes away after pdsc_adminq_post() is done so that the context is still availa

Page 3 of 19