VYPR

rpm package

suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.3

pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Vulnerabilities (2,973)

  • CVE-2022-50615Dec 8, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() pci_get_device() will increase the reference count for the returned pci_dev, so snr_uncore_get_mc_dev() will return a pci_dev with its re

  • CVE-2022-50614Dec 8, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: [ 60.137988] ------

  • CVE-2025-40280Dec 6, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_mon_reinit_self(). syzbot reported use-after-free of tipc_net(net)->monitors[] in tipc_mon_reinit_self(). [0] The array is protected by RTNL, but tipc_mon_reinit_self() iterate

  • CVE-2025-40277Dec 6, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds acc

  • CVE-2025-40258Dec 4, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcp_schedule_work() syzbot reported use-after-free in mptcp_schedule_work() [1] Issue here is that mptcp_schedule_work() schedules a work, then gets a refcount on sk->sk_refcnt i

  • CVE-2025-40257Dec 4, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcp_pm_del_add_timer() mptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, &entry->add_timer) while another might have free entry already, as reported by syzbot. Add RCU protection

  • CVE-2025-40256Dec 4, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added In commit b441cf3f8c4b ("xfrm: delete x->tunnel as we delete x"), I missed the case where state creation fails between f

  • CVE-2025-40242Dec 4, 2025
    affected < 5.14.21-150400.15.145.1fixed 5.14.21-150400.15.145.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlm_put_lock In gdlm_put_lock(), there is a small window of time in which the DFL_UNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may stil

  • CVE-2025-40233Dec 4, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This trigg

  • CVE-2025-40220Dec 4, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: fuse: fix livelock in synchronous file put from fuseblk workers I observed a hang when running generic/323 against a fuseblk server. This test opens a file, initiates a lot of AIO writes to that file descriptor

  • CVE-2025-40215Dec 4, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a

  • CVE-2025-40204Nov 12, 2025
    affected < 5.14.21-150400.15.139.2fixed 5.14.21-150400.15.139.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

  • CVE-2025-40154Nov 12, 2025
    affected < 5.14.21-150400.15.139.2fixed 5.14.21-150400.15.139.2

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to unepxect

  • CVE-2025-40139Nov 12, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_ge

  • CVE-2025-40121Nov 12, 2025
    affected < 5.14.21-150400.15.139.2fixed 5.14.21-150400.15.139.2

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver just ignores and leaves as is, which may lead to unepxected results lik

  • CVE-2025-40102Oct 30, 2025
    affected < 5.14.21-150400.15.136.1fixed 5.14.21-150400.15.136.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpr

  • CVE-2025-40088Oct 30, 2025
    affected < 5.14.21-150400.15.136.1fixed 5.14.21-150400.15.136.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() The hfsplus_strcasecmp() logic can trigger the issue: [ 117.317703][ T9855] ================================================================== [ 1

  • CVE-2023-7324Oct 29, 2025
    affected < 5.14.21-150400.15.136.1fixed 5.14.21-150400.15.136.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Sanitize possible addl_desc_ptr out-of-bounds accesses in ses_enclosure_data_process().

  • CVE-2025-40048Oct 28, 2025
    affected < 5.14.21-150400.15.139.2fixed 5.14.21-150400.15.139.2

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us

  • CVE-2025-40044Oct 28, 2025
    affected < 5.14.21-150400.15.136.1fixed 5.14.21-150400.15.136.1

    In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m

Page 18 of 149