VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_70&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_70&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (150)

  • CVE-2025-38078Jun 18, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization (or reconfiguration) of a stream with the explicit call of snd_pcm_forma

  • CVE-2025-38072Jun 18, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init() If a faulty CXL memory device returns a broken zero LSA size in its memory device information (Identify Memory Device (Opcode 4000h), CXL spec. 3.1, 8.

  • CVE-2025-38061Jun 18, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() Honour the user given buffer size for the strn_len() calls (otherwise strn_len() will access memory outside of the user given buffer

  • CVE-2025-38024Jun 18, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/

  • CVE-2025-38023Jun 18, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: nfs: handle failure of nfs_get_lock_context in unlock path When memory is insufficient, the allocation of nfs_lock_context in nfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat an nfs4_unl

  • CVE-2025-38004Jun 8, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at

  • CVE-2025-38000Jun 6, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

  • CVE-2025-37998May 29, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in output_userspace() This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensures that only well-formed a

  • CVE-2025-37995May 29, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobject_put() is safe for module type kobjects In 'lookup_or_create_module_kobject()', an internal kobject is created using 'module_ktype'. So call to 'kobject_put()' on error handling path

  • CVE-2025-37992May 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: Flush gso_skb list too during ->change() Previously, when reducing a qdisc's limit via the ->change() operation, only the main skb queue was trimmed, potentially leaving packets in the gso_skb list.

  • CVE-2025-37980MedMay 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_

  • CVE-2025-37982May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251_tx_work The skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails with a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.

  • CVE-2025-37961May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in do_output_route4 syzbot reports for uninit-value for the saddr argument [1]. commit 4754957f04f5 ("ipvs: do not use random local source address for tunnels") already implies

  • CVE-2025-37928May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet are enabled. [ 129.444685][ T934] BUG: sleeping function called from invalid con

  • CVE-2025-37927May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIID_LEN against a total string length doesn

  • CVE-2025-37923May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in trace_seq_to_buffer() syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/tr

  • CVE-2025-37911May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix out-of-bound memcpy() during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [

  • CVE-2025-37892May 20, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftl_read_oob() In INFTL_findwriteunit(), the return value of inftl_read_oob() need to be checked. A proper implementation can be found in INFTL_deleteblock(). The status wi

  • CVE-2023-53145May 10, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs wi

  • CVE-2025-37862May 9, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optio

Page 5 of 8