rpm package
suse/kernel-livepatch-SLE15-SP7_Update_16&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (103)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-31596 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 24, 2026 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI RIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Cod | |
| CVE-2026-31591 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 24, 2026 | In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its stat | |
| CVE-2026-31590 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 24, 2026 | In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION Drop the WARN in sev_pin_memory() on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: | |
| CVE-2026-31546 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 24, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_hashtbl_used_head list with slave set to NULL when no replacement slave is available | |
| CVE-2026-31518 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output co | |
| CVE-2026-31516 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policy_hthresh.work from racing with netns teardown A XFRM_MSG_NEWSPDINFO request can queue the per-net work item policy_hthresh.work onto the system workqueue. The queued callback, xfrm_hash_reb | |
| CVE-2026-31493 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the com | |
| CVE-2026-31480 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutex_lock(&inter | |
| CVE-2026-31473 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex MEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0) queue teardown paths. This can race request object cleanup against vb2 que | |
| CVE-2026-31464 | Hig | 8.1 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() A malicious or compromised VIO server can return a num_written value in the discover targets MAD response that exceeds max_targets. This value is s | |
| CVE-2026-31455 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any | |
| CVE-2026-31454 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects t | |
| CVE-2026-31448 | Cri | 9.4 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails (in this example, because the fil | |
| CVE-2026-31446 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in update_super_work when racing with umount Commit b98535d09179 ("ext4: fix bug_on in start_this_handle during umount filesystem") moved ext4_unregister_sysfs() before flushing s_sb_up | |
| CVE-2026-31396 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 3, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via get_ts_info ethtool call which is poss | |
| CVE-2026-23444 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 3, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure ieee80211_tx_prepare_skb() has three error paths, but only two of them free the skb. The first error path (ieee80211_tx_prepare() returning | |
| CVE-2026-23438 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Apr 3, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with global_tx_fc in buffer switching mvpp2_bm_switch_buffers() unconditionally calls mvpp2_bm_pool_update_priv_fc() when switching between per-cpu and shared buffer pool m | |
| CVE-2026-23359 | Hig | 7.8 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Mar 25, 2026 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of | |
| CVE-2026-23327 | Hig | 7.1 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Mar 25, 2026 | In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() cxl_payload_from_user_allowed() casts and dereferences the input payload without first verifying its size. When a raw | |
| CVE-2026-23303 | Med | 5.5 | < 1-150700.15.3.2 | 1-150700.15.3.2 | Mar 25, 2026 | In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log |
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI RIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Cod
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its stat
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION Drop the WARN in sev_pin_memory() on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing:
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_hashtbl_used_head list with slave set to NULL when no replacement slave is available
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output co
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policy_hthresh.work from racing with netns teardown A XFRM_MSG_NEWSPDINFO request can queue the per-net work item policy_hthresh.work onto the system workqueue. The queued callback, xfrm_hash_reb
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the com
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutex_lock(&inter
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex MEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0) queue teardown paths. This can race request object cleanup against vb2 que
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() A malicious or compromised VIO server can return a num_written value in the discover targets MAD response that exceeds max_targets. This value is s
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects t
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails (in this example, because the fil
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in update_super_work when racing with umount Commit b98535d09179 ("ext4: fix bug_on in start_this_handle during umount filesystem") moved ext4_unregister_sysfs() before flushing s_sb_up
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via get_ts_info ethtool call which is poss
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure ieee80211_tx_prepare_skb() has three error paths, but only two of them free the skb. The first error path (ieee80211_tx_prepare() returning
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with global_tx_fc in buffer switching mvpp2_bm_switch_buffers() unconditionally calls mvpp2_bm_pool_update_priv_fc() when switching between per-cpu and shared buffer pool m
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() cxl_payload_from_user_allowed() casts and dereferences the input payload without first verifying its size. When a raw
- affected < 1-150700.15.3.2fixed 1-150700.15.3.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log
Page 5 of 6