VYPR

rpm package

suse/kernel-livepatch-SLE15-SP7_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (405)

  • CVE-2025-68181Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() drm_put_dev()'ing to trigger it to be free'd should be done by devres. However,

  • CVE-2025-68180Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_combine_segments When a connector is connected but inactive (e.g., disabled by desktop environments), pipe_ctx->stream_res.tg will be destroyed. Then, reading odm_

  • CVE-2025-68176Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doe

  • CVE-2025-68172Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp

  • CVE-2025-68170Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree() devres managed rdev Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() rdev is managed by devres and we shouldn't be calling kfree() on it. This f

  • CVE-2025-68168Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on r

  • CVE-2025-40360Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plan

  • CVE-2025-40359Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ===================================================

  • CVE-2025-40357Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag_dump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 [#1] SMP KASAN NOPTI KASAN: m

  • CVE-2025-40354Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link->enc NULL pointer access [why] 1.) dc->links[MAX_LINKS] array size smaller than actual requested. max_connector + max_dpia + 4 virtual = 14. increase from 1

  • CVE-2025-40351Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() The syzbot reported issue in hfsplus_delete_cat(): [ 70.682285][ T9333] ===================================================== [ 70.682943][ T93

  • CVE-2025-40349Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplus_bmap_alloc hfsplus_bmap_alloc can trigger a crash if a record offset or length is larger than node_size [ 15.264282] BUG: KASAN: slab-out-of-bounds in hfsplus_bmap_allo

  • CVE-2025-40347Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetc_mdio_lock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the re

  • CVE-2025-40346Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The c

  • CVE-2025-68223Dec 16, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with

  • CVE-2025-40345Dec 12, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report val

  • CVE-2025-40343Dec 9, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_por

  • CVE-2025-40342Dec 9, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reco

  • CVE-2025-40340Dec 9, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test. I saw an oops in xe_gem_fault when running the xe-fast-feedback testlist against the realtime kernel without debug options enabled. The panic

  • CVE-2025-40339Dec 9, 2025
    affected < 1-150700.15.3.1fixed 1-150700.15.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix nullptr err of vm_handle_moved If a amdgpu_bo_va is fpriv->prt_va, the bo of this one is always NULL. So, such kind of amdgpu_bo_va should be updated separately before amdgpu_vm_handle_moved.

Page 13 of 21