VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_10&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (155)

  • CVE-2026-23021Jan 31, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in update_eth_regs_async() When asynchronously writing to the device registers and if usb_submit_urb() fail, the code fail to release allocated to this point resources.

  • CVE-2026-23017Jan 31, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the init_task on load If the init_task fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will

  • CVE-2025-71184Jan 31, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfs_evict_inode() the root

  • CVE-2025-71182Jan 31, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939_session_activate() fail if device is no longer registered syzbot is still reporting unregister_netdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b589

  • CVE-2026-23010HigJan 25, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of inet6_ifaddr in inet6_addr_del(). [0] The cited commit accidentally moved ipv6_del_addr() for mngtmpaddr before reading its ifp->

  • CVE-2026-23004HigJan 25, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() syzbot was able to crash the kernel in rt6_uncached_list_flush_dev() in an interesting way [1] Crash happens in list_del_init()/INIT_LIST_HE

  • CVE-2026-23003HigJan 25, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did not take care of VLAN encapsulations as spotted by syzbot [1]. Use skb_vlan_inet_prepare() instead of pskb_inet_may_pull(). [1] BU

  • CVE-2026-22998HigJan 25, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit efa56305908b ("nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length") added ttag bounds checking and data_offset va

  • CVE-2026-22989Jan 23, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlock_filesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nf

  • CVE-2026-22982Jan 23, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer d

  • CVE-2026-22979Jan 23, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list() is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation lo

  • CVE-2025-71148Jan 23, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshake_req_submit() replaces sk->sk_destruct but never restores it when submission fails before the request is hashed. handshake_sk_destruct() then returns

  • CVE-2025-71126Jan 14, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme #1 Not tainted -------------------------

  • CVE-2025-71125Jan 14, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer w

  • CVE-2025-71113Jan 14, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, relying on callers to set fields explicitl

  • CVE-2025-71104Jan 14, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expirat

  • CVE-2025-71066Jan 13, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change zdi-disclosures@trendmicro.com says: The vulnerability is a race condition between `ets_qdisc_dequeue` and `ets_qdisc_ch

  • CVE-2025-68810Jan 13, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot Reject attempts to disable KVM_MEM_GUEST_MEMFD on a memslot that was initially created with a guest_memfd binding, as KVM doesn't support toggli

  • CVE-2025-68785Jan 13, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in push_nsh() action The push_nsh() action structure looks like this: OVS_ACTION_ATTR_PUSH_NSH(OVS_KEY_ATTR_NSH(OVS_NSH_KEY_ATTR_BASE,...)) The outermost OVS

  • CVE-2025-68778Jan 13, 2026
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't log conflicting inode if it's a dir moved in the current transaction We can't log a conflicting inode if it's a directory and it was moved from one parent directory to another parent directory in t

Page 7 of 8