VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.3

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Vulnerabilities (2,793)

  • CVE-2025-38001Jun 6, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

  • CVE-2025-38000Jun 6, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

  • CVE-2025-37997May 29, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and

  • CVE-2025-37963May 20, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In

  • CVE-2025-37958May 20, 2025
    affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate

  • CVE-2025-37953May 20, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres

  • CVE-2025-37948May 20, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program

  • CVE-2025-37932May 20, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t

  • CVE-2025-37890May 16, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs

  • CVE-2024-28956MedMay 13, 2025
    affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

    Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2023-53145May 10, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs wi

  • CVE-2025-37885May 9, 2025
    affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardle

  • CVE-2025-37823May 8, 2025
    affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.

  • CVE-2023-53143May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmap_head cmd = { .fmh_count = ...; .fmh_keys = { { .fmr_device = /* ext

  • CVE-2023-53142May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in ice_get_module_eeprom() ice_get_module_eeprom() is broken since commit e9c9692c8a81 ("ice: Reimplement module reads used by ethtool") In this refactor, ice_get_module_eeprom() re

  • CVE-2023-53140May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug int

  • CVE-2023-53139May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_property_read_u8_array later.

  • CVE-2023-53134May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurr

  • CVE-2023-53131May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up.

  • CVE-2023-53125May 2, 2025
    affected < 5.14.21-150400.15.121.1fixed 5.14.21-150400.15.121.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network

Page 54 of 140