VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_69&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_69&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (183)

  • CVE-2022-49775May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG

  • CVE-2022-49772May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() snd_usbmidi_output_open() has a check of the NULL port with snd_BUG_ON(). snd_BUG_ON() was used as this shouldn't have happened, but in reality

  • CVE-2022-49771May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if list_versions races with module loading __list_versions will first estimate the required space using the "dm_target_iterate(list_version_get_needed, &needed)" call and then will fil

  • CVE-2022-49769May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sb_bsize_shift after reading superblock Fuzzers like to scribble over sb_bsize_shift but in reality it's very unlikely that this field would be corrupted on its own. Nevertheless it should be checke

  • CVE-2025-37796May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: at76c50x: fix use after free access in at76_disconnect The memory pointed to by priv is freed at the end of at76_delete_device function (using ieee80211_free_hw). But the code then accesses the udev field

  • CVE-2025-37794May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211_do_stop() After ieee80211_do_stop() SKB from vif's txq could still be processed. Indeed another concurrent vif schedule_and_wake_txq call could cause those packets to

  • CVE-2025-37789May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.

  • CVE-2025-37780May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1] The handle_bytes value passed in by the reproducing program is equal to 12. In handle_to_path(), onl

  • CVE-2025-37752May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the c

  • CVE-2025-37749May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing s

  • CVE-2025-23161May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interru

  • CVE-2025-23150May 1, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free

  • CVE-2025-38637Apr 18, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc u

  • CVE-2021-47670Apr 17, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni().

  • CVE-2025-23136Apr 16, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 ("platform/x86: int3472: Check for adev == NULL"). Add

  • CVE-2025-22104Apr 16, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of

  • CVE-2025-22063Apr 16, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu

  • CVE-2025-22060Apr 16, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly acce

  • CVE-2025-22058Apr 16, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional

  • CVE-2025-22050Apr 16, 2025
    affected < 1-8.3.1fixed 1-8.3.1

    In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. This incons

Page 6 of 10