VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server 15 SP5-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS

Vulnerabilities (2,310)

  • CVE-2025-37789May 1, 2025
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.

  • CVE-2025-37752May 1, 2025
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c

  • CVE-2025-37738May 1, 2025
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================

  • CVE-2025-23145May 1, 2025
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a

  • CVE-2025-23141May 1, 2025
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e

  • CVE-2025-39735Apr 18, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in ea_get() During the "size_check" label in ea_get(), the code checks if the extended attribute list (xattr) size matches ea_size. If not, it logs "ea_get: invalid extended att

  • CVE-2025-37785Apr 18, 2025
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir

  • CVE-2021-47671Apr 17, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previo

  • CVE-2025-23138Apr 16, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe itself, due to the if (!pipe_

  • CVE-2025-22097Apr 16, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it.

  • CVE-2025-22056Apr 16, 2025
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence

  • CVE-2025-22055Apr 16, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink

  • CVE-2025-22045Apr 16, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the following path, flush_tlb_range() can be used for zapping normal PMD entries (PMD entries that point to page tables) together with the PTE

  • CVE-2025-22020Apr 16, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt

  • CVE-2025-22004Apr 3, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

  • CVE-2025-21999Apr 3, 2025
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc

  • CVE-2025-21971Apr 1, 2025
    affected < 5.14.21-150500.55.121.2fixed 5.14.21-150500.55.121.2

    In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe

  • CVE-2023-52975HigMar 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KAS

  • CVE-2023-53033Mar 27, 2025
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the bounda

  • CVE-2023-53031Mar 27, 2025
    affected < 5.14.21-150500.55.103.1fixed 5.14.21-150500.55.103.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section Current imc-pmu code triggers a WARNING with CONFIG_DEBUG_ATOMIC_SLEEP and CONFIG_PROVE_LOCKING enabled, while running a thread_imc event. Command to

Page 72 of 116