rpm package
suse/kernel-livepatch-SLE15-SP7_Update_8&distro=SUSE Linux Enterprise Live Patching 15 SP7
pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7
Vulnerabilities (405)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68181 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() drm_put_dev()'ing to trigger it to be free'd should be done by devres. However, | ||
| CVE-2025-68180 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_combine_segments When a connector is connected but inactive (e.g., disabled by desktop environments), pipe_ctx->stream_res.tg will be destroyed. Then, reading odm_ | ||
| CVE-2025-68176 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doe | ||
| CVE-2025-68172 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp | ||
| CVE-2025-68170 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree() devres managed rdev Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() rdev is managed by devres and we shouldn't be calling kfree() on it. This f | ||
| CVE-2025-68168 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on r | ||
| CVE-2025-40360 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plan | ||
| CVE-2025-40359 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. =================================================== | ||
| CVE-2025-40357 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag_dump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 [#1] SMP KASAN NOPTI KASAN: m | ||
| CVE-2025-40354 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link->enc NULL pointer access [why] 1.) dc->links[MAX_LINKS] array size smaller than actual requested. max_connector + max_dpia + 4 virtual = 14. increase from 1 | ||
| CVE-2025-40351 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() The syzbot reported issue in hfsplus_delete_cat(): [ 70.682285][ T9333] ===================================================== [ 70.682943][ T93 | ||
| CVE-2025-40349 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplus_bmap_alloc hfsplus_bmap_alloc can trigger a crash if a record offset or length is larger than node_size [ 15.264282] BUG: KASAN: slab-out-of-bounds in hfsplus_bmap_allo | ||
| CVE-2025-40347 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetc_mdio_lock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the re | ||
| CVE-2025-40346 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The c | ||
| CVE-2025-68223 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with | ||
| CVE-2025-40345 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report val | ||
| CVE-2025-40343 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_por | ||
| CVE-2025-40342 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reco | ||
| CVE-2025-40340 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test. I saw an oops in xe_gem_fault when running the xe-fast-feedback testlist against the realtime kernel without debug options enabled. The panic | ||
| CVE-2025-40339 | — | < 1-150700.15.3.1 | 1-150700.15.3.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix nullptr err of vm_handle_moved If a amdgpu_bo_va is fpriv->prt_va, the bo of this one is always NULL. So, such kind of amdgpu_bo_va should be updated separately before amdgpu_vm_handle_moved. |
- CVE-2025-68181Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() drm_put_dev()'ing to trigger it to be free'd should be done by devres. However,
- CVE-2025-68180Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_combine_segments When a connector is connected but inactive (e.g., disabled by desktop environments), pipe_ctx->stream_res.tg will be destroyed. Then, reading odm_
- CVE-2025-68176Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doe
- CVE-2025-68172Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp
- CVE-2025-68170Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree() devres managed rdev Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() rdev is managed by devres and we shouldn't be calling kfree() on it. This f
- CVE-2025-68168Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on r
- CVE-2025-40360Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plan
- CVE-2025-40359Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ===================================================
- CVE-2025-40357Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag_dump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 [#1] SMP KASAN NOPTI KASAN: m
- CVE-2025-40354Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link->enc NULL pointer access [why] 1.) dc->links[MAX_LINKS] array size smaller than actual requested. max_connector + max_dpia + 4 virtual = 14. increase from 1
- CVE-2025-40351Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() The syzbot reported issue in hfsplus_delete_cat(): [ 70.682285][ T9333] ===================================================== [ 70.682943][ T93
- CVE-2025-40349Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplus_bmap_alloc hfsplus_bmap_alloc can trigger a crash if a record offset or length is larger than node_size [ 15.264282] BUG: KASAN: slab-out-of-bounds in hfsplus_bmap_allo
- CVE-2025-40347Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetc_mdio_lock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the re
- CVE-2025-40346Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The c
- CVE-2025-68223Dec 16, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with
- CVE-2025-40345Dec 12, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report val
- CVE-2025-40343Dec 9, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_por
- CVE-2025-40342Dec 9, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reco
- CVE-2025-40340Dec 9, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test. I saw an oops in xe_gem_fault when running the xe-fast-feedback testlist against the realtime kernel without debug options enabled. The panic
- CVE-2025-40339Dec 9, 2025affected < 1-150700.15.3.1fixed 1-150700.15.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix nullptr err of vm_handle_moved If a amdgpu_bo_va is fpriv->prt_va, the bo of this one is always NULL. So, such kind of amdgpu_bo_va should be updated separately before amdgpu_vm_handle_moved.
Page 13 of 21