VYPR

rpm package

suse/kernel-livepatch-SLE16_Update_1&distro=SUSE Linux Enterprise Server for SAP applications 16.0

pkg:rpm/suse/kernel-livepatch-SLE16_Update_1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0

Vulnerabilities (27)

  • CVE-2025-40204Nov 12, 2025
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

  • CVE-2025-40186Nov 12, 2025
    affected < 4-160000.1.1fixed 4-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). syzbot reported the splat below in tcp_conn_request(). [0] If a listener is close()d while a TFO socket is being processed in tcp_conn_request(),

  • CVE-2025-40159Nov 12, 2025
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly invalid values passed in xdp_desc from userspace can pass xp_{,un}aligned_validate_desc() and then lead to UBs or just invalid frame

  • CVE-2025-40130Nov 12, 2025
    affected < 5-160000.1.1fixed 5-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_latency_qos_add/remove/update_request interfaces lack internal synchronization by design, requiring the caller to ensure thread safe

  • CVE-2025-40018Oct 24, 2025
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr

  • CVE-2025-39973Oct 15, 2025
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu

  • CVE-2025-39963Oct 9, 2025
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix incorrect io_kiocb reference in io_link_skb In io_link_skb function, there is a bug where prev_notif is incorrectly assigned using 'nd' instead of 'prev_nd'. This causes the context validation che

Page 2 of 2