VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_3&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (274)

  • CVE-2025-38409Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path put_unused_fd() doesn't free the installed file, if we've already done fd_install(). So we need to also free the sync_file. Patchwork: https://patchwork.free

  • CVE-2025-38400MedJul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. syzbot reported a warning below [1] following a fault injection in nfs_fs_proc_net_init(). [0] When nfs_fs_proc_net_init() fails, /proc/net/rp

  • CVE-2025-38393MedJul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFS_LAYOUT_DRAIN bit in pnfs_update_layout(),

  • CVE-2025-38364MedJul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() Temporarily clear the preallocation flag when explicitly requesting allocations. Pre-existing allocations are already counted against the request thr

  • CVE-2025-38406Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do with the driver's stack at this point etc., so the WARN_ON() doesn't add any value. Additionally, this is on

  • CVE-2025-38404Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of `cros_typec_altmode_data::mutex`. The call chain is as follows: 1. cros_typec_altmode_work() acquire

  • CVE-2025-38403Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left i

  • CVE-2025-38401Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Prevent memory corruption from DMA map failure If msdc_prepare_data() fails to map the DMA region, the request is not prepared for data receiving, but msdc_start_data() proceeds the DMA with previous se

  • CVE-2025-38399Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() The function core_scsi3_decode_spec_i_port(), in its error code path, unconditionally calls core_scsi3_lunacl_undepend_item() passin

  • CVE-2025-38396Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create anonymous inodes with proper security context. This replaces the c

  • CVE-2025-38395Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpio_desc' pointers. But the memory is allocated for only one pointer. This will lead to out-of-

  • CVE-2025-38392Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2_CAP_MACFILTER enabled, the following warning is generated on module load: [ 324.701677] BUG: sleeping function called from invalid context at ker

  • CVE-2025-38391Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pin_assignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value

  • CVE-2025-38389Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix timeline left held on VMA alloc error The following error has been reported sporadically by CI when a test unbinds the i915 driver on a ring submission platform: <4> [239.330153] ------------[

  • CVE-2025-38387Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert The obj_event may be loaded immediately after inserted, then if the list_head is not initialized then we may get a poisonous pointer. This fixes t

  • CVE-2025-38386Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in [1], a platform firmware update that increased the number of method parameters and forgot to update a least one of its callers, caused

  • CVE-2025-38385Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect Remove redundant netif_napi_del() call from disconnect path. A WARN may be triggered in __netif_napi_del_locked() during USB device disconne

  • CVE-2025-38384Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: fix memory leak of ECC engine conf Memory allocated for the ECC engine conf is not released during spinand cleanup. Below kmemleak trace is seen for this memory leak: unreferenced object 0xffffff

  • CVE-2025-38382Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix iteration of extrefs during log replay At __inode_add_ref() when processing extrefs, if we jump into the next label we have an undefined value of victim_name.len, since we haven't initialized it befo

  • CVE-2025-38377Jul 25, 2025
    affected < 1-150700.15.3.4fixed 1-150700.15.3.4

    In the Linux kernel, the following vulnerability has been resolved: rose: fix dangling neighbour pointers in rose_rt_device_down() There are two bugs in rose_rt_device_down() that can cause use-after-free: 1. The loop bound `t->count` is modified within the loop, which can

Page 4 of 14