VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_2&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (284)

  • CVE-2025-38011Jun 18, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and bel

  • CVE-2025-38010Jun 18, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses bias_pad_enable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system sus

  • CVE-2025-38009Jun 18, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on driver removal started occurring after commit 9dd05df8403b ("net: warn if NAPI instance wasn't shut down"). Disable tx napi before deleting it in mt76_dma

  • CVE-2025-38007Jun 18, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add NULL check in uclogic_input_configured() devm_kasprintf() returns NULL when memory allocation fails. Currently, uclogic_input_configured() does not check for this case, which results in a NULL

  • CVE-2025-38005Jun 18, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Add missing locking Recent kernels complain about a missing lock in k3-udma.c when the lock validator is enabled: [ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h

  • CVE-2025-38004Jun 8, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at

  • CVE-2025-38003Jun 8, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcm_op which is in the process to be removed the procfs output might show unreliable data (UAF). As the r

  • CVE-2025-38001Jun 6, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

  • CVE-2025-38000Jun 6, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

  • CVE-2025-37998May 29, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in output_userspace() This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensures that only well-formed a

  • CVE-2025-37997May 29, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and

  • CVE-2025-37995May 29, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobject_put() is safe for module type kobjects In 'lookup_or_create_module_kobject()', an internal kobject is created using 'module_ktype'. So call to 'kobject_put()' on error handling path

  • CVE-2025-37994May 29, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsi_displayport_work workqueue to finish executing before proceeding with the p

  • CVE-2025-37992May 26, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: Flush gso_skb list too during ->change() Previously, when reducing a qdisc's limit via the ->change() operation, only the main skb queue was trimmed, potentially leaving packets in the gso_skb list.

  • CVE-2025-37990May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() The function brcmf_usb_dl_writeimage() calls the function brcmf_usb_dl_cmd() but dose not check its return value. The 'state.state' and th

  • CVE-2025-37980MedMay 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_

  • CVE-2025-37968MedMay 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fix deadlock due to concurrent flag access The threaded IRQ function in this driver is reading the flag twice: once to lock a mutex and once to unlock it. Even though the code setting the f

  • CVE-2025-37989May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition, which was traced to a memory leak in the PHY LED trigger code. The root cause is misuse of the devm API. Th

  • CVE-2025-37987May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: pds_core: Prevent possible adminq overflow/stuck condition The pds_core's adminq is protected by the adminq_lock, which prevents more than 1 command to be posted onto it at any one time. This makes it so the cl

  • CVE-2025-37986May 20, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Invalidate USB device pointers on partner unregistration To avoid using invalid USB device pointers after a Type-C partner disconnects, this patch clears the pointers upon partner unregistrat

Page 4 of 15