VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (103)

  • CVE-2026-45970HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlb_arp_recv during bond up/down The ALB RX path may access rx_hashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlb_deinitialize() frees rx_hashtbl while RX ha

  • CVE-2026-45932HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPF_PROG_DETACH on tcx or netkit devices could be executed by any user when no program fd was provided, b

  • CVE-2026-45910HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxe_task.c:249 at rxe_sched_task+0x1c8/0x238 [rdma_rxe], CPU#0: swapper/0/0 ... libsha

  • CVE-2026-45898CriMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removing work_list The commit e1168f0 ("RDMA/iwcm: Simplify cm_event_handler()") changed the work submission logic to unconditionally call queue_work() with the expec

  • CVE-2026-45886May 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_xdp_store_bytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpf_xdp_store_bytes proto is incorrect. In particular, the verifier was thr

  • CVE-2026-45878HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 The address watch clear code receives watch_id as an unsigned value (u32), but some helper functions were using a signed int and checked bits b

  • CVE-2026-45856HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send ib_uverbs_post_send() uses cmd.wqe_size from userspace without any validation before passing it to kmalloc() and using the allocated buffer

  • CVE-2026-45852HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxe_srq_from_init In rxe_srq_from_init(), the queue pointer 'q' is assigned to 'srq->rq.queue' before copying the SRQ number to user space. If copy_to_user() fails, the function cal

  • CVE-2026-45846May 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() bareudp_fill_metadata_dst() passes bareudp->sock to udp_tunnel6_dst_lookup() in the IPv6 path without a NULL check. The socket is only create

  • CVE-2026-45843HigMay 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: slip: bound decode() reads against the compressed packet length slhc_uncompress() parses a VJ-compressed TCP header by advancing a pointer through the packet via decode() and pull16(). Neither helper bounds-che

  • CVE-2026-45842May 27, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhc_init() accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation l

  • CVE-2026-43501CriMay 21, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6_hdr->daddr, recompresses, then pulls the old h

  • CVE-2026-43499HigMay 21, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, but it is also used for proxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from futex_

  • CVE-2026-43483May 13, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated Explicitly set/clear CR8 write interception when AVIC is (de)activated to fix a bug where KVM leaves the interception enabled after AVIC is

  • CVE-2026-43470MedMay 8, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir If we found an alias through nfs3_do_create/nfs_add_or_obtain /d_splice_alias which happens to be a dir dentry, we don't return any error, and simply f

  • CVE-2026-43455MedMay 8, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key->lock in mctp_flow_prepare_output() mctp_flow_prepare_output() checks key->dev and may call mctp_dev_set_key(), but it does not hold key->lock while doing so. mctp_dev_set_key() and mctp_

  • CVE-2026-43414CriMay 8, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xx_els_dcmd_iocb() sp->free is set to qla2x00_els_dcmd_sp_free(). When an error happens, this function is called by qla2x00_sp_release(), when kref_put()

  • CVE-2026-43413MedMay 8, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix NULL pointer exception during user_scan() user_scan() invokes updated sas_user_scan() for channel 0, and if successful, iteratively scans remaining channels (1 to shost->max_channel) via scs

  • CVE-2026-43411MedMay 8, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipc_sk_filter_connect() A user can set conn_timeout to any value via setsockopt(TIPC_CONN_TIMEOUT), including values less than 4. When a SYN is rejected with TIPC_ERR_OVERLOAD and

  • CVE-2026-43407CriMay 8, 2026
    affected < 1-150700.15.3.2fixed 1-150700.15.3.2

    In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() This patch fixes an out-of-bounds access in ceph_handle_auth_reply() that can be triggered by a message of type CEPH_MSG_AUTH_REPLY. In ce

Page 2 of 6