VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Vulnerabilities (4,559)

  • CVE-2025-38079HigJun 18, 2025
    affected < 5.14.21-150500.13.103.2fixed 5.14.21-150500.13.103.2

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

  • CVE-2025-38068Jun 18, 2025
    affected < 5.14.21-150500.13.121.1fixed 5.14.21-150500.13.121.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space

  • CVE-2025-38060Jun 18, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: copy_verifier_state() should copy 'loop_entry' field The bpf_verifier_state.loop_entry state should be copied by copy_verifier_state(). Otherwise, .loop_entry values from unrelated states would poison env-

  • CVE-2025-38014Jun 18, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper The idxd_cleanup() helper cleans up perfmon, interrupts, internals and so on. Refactor remove call with the idxd_cleanup() helper to avoid code d

  • CVE-2025-38001Jun 6, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

  • CVE-2025-38000Jun 6, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

  • CVE-2025-37997May 29, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and

  • CVE-2025-37963May 20, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In

  • CVE-2025-37958May 20, 2025
    affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate

  • CVE-2025-37953May 20, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres

  • CVE-2025-37948May 20, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program

  • CVE-2025-37932May 20, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly t

  • CVE-2025-37890May 16, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs

  • CVE-2024-28956MedMay 13, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2023-53145May 10, 2025
    affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs wi

  • CVE-2025-37885May 9, 2025
    affected < 5.14.21-150500.13.112.1fixed 5.14.21-150500.13.112.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardle

  • CVE-2025-37823May 8, 2025
    affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.

  • CVE-2023-53143May 2, 2025
    affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmap_head cmd = { .fmh_count = ...; .fmh_keys = { { .fmr_device = /* ext

  • CVE-2023-53142May 2, 2025
    affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1

    In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in ice_get_module_eeprom() ice_get_module_eeprom() is broken since commit e9c9692c8a81 ("ice: Reimplement module reads used by ethtool") In this refactor, ice_get_module_eeprom() re

  • CVE-2023-53140May 2, 2025
    affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug int

Page 63 of 228