rpm package
suse/kgraft-patch-SLE12-SP5_Update_68&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_68&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (126)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-37797 | — | < 2-2.1 | 2-2.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc | ||
| CVE-2025-37752 | — | < 2-2.1 | 2-2.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c | ||
| CVE-2025-37785 | — | < 1-8.3.1 | 1-8.3.1 | Apr 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir | ||
| CVE-2021-47669 | — | < 1-8.3.1 | 1-8.3.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni(). | ||
| CVE-2021-47668 | — | < 1-8.3.1 | 1-8.3.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: sta | ||
| CVE-2020-36789 | — | < 1-8.3.1 | 1-8.3.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/ | ||
| CVE-2025-23131 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: dlm: prevent NPD when writing a positive value to event_done do_uevent returns the value written to event_done. In case it is a positive value, new_lockspace would undo all the work, and lockspace would not be | ||
| CVE-2025-22086 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu | ||
| CVE-2025-22060 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly acce | ||
| CVE-2025-22055 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink | ||
| CVE-2025-22053 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make veth_pool_store stop hanging v2: - Created a single error handling unlock and exit in veth_pool_store - Greatly expanded commit message with previous explanatory-only text Summary: Use rtnl_ | ||
| CVE-2024-58093 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free"), we would free the ASPM link only after the l | ||
| CVE-2025-22018 | — | < 1-8.3.1 | 1-8.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holding_time are NULL. Because there is only for the situ | ||
| CVE-2025-22010 | — | < 1-8.3.1 | 1-8.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer (e.g. MR over 100GB) is being allocated, it may require a c | ||
| CVE-2025-22008 | — | < 1-8.3.1 | 1-8.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: check that dummy regulator has been probed before using it Due to asynchronous driver probing there is a chance that the dummy regulator hasn't already been probed when first accessing it. | ||
| CVE-2025-22004 | — | < 1-8.3.1 | 1-8.3.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free. | ||
| CVE-2025-21976 | — | < 1-8.3.1 | 1-8.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the fo | ||
| CVE-2025-21964 | — | < 1-8.3.1 | 1-8.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s | ||
| CVE-2025-21963 | — | < 1-8.3.1 | 1-8.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s | ||
| CVE-2025-21957 | — | < 1-8.3.1 | 1-8.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its c |
- CVE-2025-37797May 2, 2025affected < 2-2.1fixed 2-2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
- CVE-2025-37752May 1, 2025affected < 2-2.1fixed 2-2.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c
- CVE-2025-37785Apr 18, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir
- CVE-2021-47669Apr 17, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni().
- CVE-2021-47668Apr 17, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: sta
- CVE-2020-36789Apr 17, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/
- CVE-2025-23131Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: dlm: prevent NPD when writing a positive value to event_done do_uevent returns the value written to event_done. In case it is a positive value, new_lockspace would undo all the work, and lockspace would not be
- CVE-2025-22086Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu
- CVE-2025-22060Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly acce
- CVE-2025-22055Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink
- CVE-2025-22053Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make veth_pool_store stop hanging v2: - Created a single error handling unlock and exit in veth_pool_store - Greatly expanded commit message with previous explanatory-only text Summary: Use rtnl_
- CVE-2024-58093Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free"), we would free the ASPM link only after the l
- CVE-2025-22018Apr 16, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holding_time are NULL. Because there is only for the situ
- CVE-2025-22010Apr 8, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer (e.g. MR over 100GB) is being allocated, it may require a c
- CVE-2025-22008Apr 8, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: regulator: check that dummy regulator has been probed before using it Due to asynchronous driver probing there is a chance that the dummy regulator hasn't already been probed when first accessing it.
- CVE-2025-22004Apr 3, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.
- CVE-2025-21976Apr 1, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the fo
- CVE-2025-21964Apr 1, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s
- CVE-2025-21963Apr 1, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s
- CVE-2025-21957Apr 1, 2025affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debug level > 2 A null dereference or oops exception will eventually occur when qla1280.c driver is compiled with DEBUG_QLA1280 enabled and ql_debug_level > 2. I think its c
Page 2 of 7