VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.1

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Vulnerabilities (1,237)

  • CVE-2025-38323Jul 10, 2025
    affected < 5.3.18-150300.220.1fixed 5.3.18-150300.220.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and found an error path in lecd_attach() could leave a dangling pointer in dev_lec[]. Add a mutex to protect dev_lecp[] uses from lecd_attach(), l

  • CVE-2025-38257Jul 9, 2025
    affected < 5.3.18-150300.217.1fixed 5.3.18-150300.217.1

    In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdup_user() Number of apqn target list entries contained in 'nr_apqns' variable is determined by userspace via an ioctl call so the result of the product in

  • CVE-2025-38212HigJul 4, 2025
    affected < 5.3.18-150300.217.1fixed 5.3.18-150300.217.1

    In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i

  • CVE-2025-38206Jul 4, 2025
    affected < 5.3.18-150300.220.1fixed 5.3.18-150300.220.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre

  • CVE-2025-38200Jul 4, 2025
    affected < 5.3.18-150300.217.1fixed 5.3.18-150300.217.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde

  • CVE-2025-38184Jul 4, 2025
    affected < 5.3.18-150300.223.1fixed 5.3.18-150300.223.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun tipc: Started i

  • CVE-2025-38181Jul 4, 2025
    affected < 5.3.18-150300.217.1fixed 5.3.18-150300.217.1

    In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_

  • CVE-2025-38180Jul 4, 2025
    affected < 5.3.18-150300.220.1fixed 5.3.18-150300.220.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.

  • CVE-2025-38177Jul 4, 2025
    affected < 5.3.18-150300.217.1fixed 5.3.18-150300.217.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca

  • CVE-2025-38120Jul 3, 2025
    affected < 5.3.18-150300.217.1fixed 5.3.18-150300.217.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early

  • CVE-2025-38083MedJun 20, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU

  • CVE-2022-50231Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/poly1305 - fix a read out-of-bound A kasan error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon] Read of size 4 at addr

  • CVE-2022-50229Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in snd_card_register() at probe time, it will free the 'bcd2k->midi_out_urb' before killing it, which may cause a UAF bug. The fo

  • CVE-2022-50222Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc(). ---------- #include

  • CVE-2022-50220Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnet_deferred_kevent() to perform tasks which may sleep. On disconnect, completion of the work was originally awaited in ->ndo_stop().

  • CVE-2022-50218Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028_remove() The driver use the non-managed form of the register function in isl29028_remove(). To keep the release order as mirroring the ordering in probe, the dr

  • CVE-2022-50215Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that

  • CVE-2022-50213Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID, a set from a different table can be used. Then, when the table is removed, a r

  • CVE-2022-50212Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table When doing lookups for chains on the same batch by using its ID, a chain from a different table can be used. If a rule is added to a table b

  • CVE-2022-50211Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in raid10_remove_disk when running the lvm test lvconvert-raid-reshape.sh. We fix this warning by verifying that the value "number" is valid. BUG: KASAN: sl

Page 5 of 62