VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_5&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (115)

  • CVE-2025-38639Aug 22, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 [..] string+0x231/0x

  • CVE-2025-38628Aug 22, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5_vdpa_free() is the single entrypoint for removing the vdpa device resources added in mlx5_vdpa_dev

  • CVE-2025-38623Aug 22, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug system after device removal a

  • CVE-2025-38622Aug 22, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udp_rcv_segment() When sending a packet with virtio_net_hdr to tun device, if the gso_type in virtio_net_hdr is SKB_GSO_UDP and the gso_size is less than udphdr size, below crash may ha

  • CVE-2025-38616Aug 22, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i

  • CVE-2025-38614MedAug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some re

  • CVE-2025-38584HigAug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A reference count is taken at the start of the process in padata_do_parallel, and relea

  • CVE-2025-38605Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() In ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to retrieve the ab pointer. In vdev delete sequence the arvif->ar could

  • CVE-2025-38597Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port Each window of a vop2 is usable by a specific set of video ports, so while binding the vop2, we look through the list of available wi

  • CVE-2025-38595Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: xen: fix UAF in dmabuf_exp_from_pages() [dma_buf_fd() fixes; no preferences regarding the tree it goes through - up to xen folks] As soon as we'd inserted a file reference into descriptor table, another thread

  • CVE-2025-38593Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()' Function 'hci_discovery_filter_clear()' frees 'uuids' array and then sets it to NULL. There is a tiny chance of the following race: 'hci_c

  • CVE-2025-38590Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed

  • CVE-2025-38574Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptp_xmit() Commit aabc6596ffb3 ("net: ppp: Add bound checking for skb data on ppp_sync_txmung") fixed ppp_sync_txmunge() We need a similar fix in pptp_xmit(), otherwise we m

  • CVE-2025-38556Aug 19, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity.

  • CVE-2025-38544Aug 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg() and

  • CVE-2025-38533Aug 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wx_rx_buffer structure contained two DMA address fields: 'dma' and 'page_dma'. However, only 'page_dma' was actually initialized and used to program the Rx descrip

  • CVE-2025-38527Aug 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileIn

  • CVE-2025-38526Aug 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: add NULL check in eswitch lag check The function ice_lag_is_switchdev_running() is being called from outside of the LAG event handler code. This results in the lag->upper_netdev being NULL sometimes. To

  • CVE-2025-38514Aug 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AF_RXRPC service socket is opened and bound, but calls are preallocated, then rxrpc_alloc_incoming_call() will oops because the rxrpc_backlo

  • CVE-2025-38488Jul 28, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However

Page 5 of 6