rpm package
suse/kgraft-patch-SLE12-SP5_Update_70&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_70&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (150)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-37844 | — | < 1-8.5.1 | 1-8.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting | ||
| CVE-2025-37836 | — | < 1-8.5.1 | 1-8.5.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fails, call put_device() to give up the reference to avoid a memory leak, per the comment at device_register(). Found by code review. | ||
| CVE-2025-37810 | — | < 1-8.5.1 | 1-8.5.1 | May 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu | ||
| CVE-2025-37800 | — | < 1-8.5.1 | 1-8.5.1 | May 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential NULL pointer dereference in dev_uevent() If userspace reads "uevent" device attribute at the same time as another threads unbinds the device from its driver, change to dev->driver fro | ||
| CVE-2022-21546 | — | < 1-8.5.1 | 1-8.5.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_w | ||
| CVE-2023-53133 | Med | 5.5 | < 1-8.5.1 | 1-8.5.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup | |
| CVE-2023-53091 | — | < 1-8.5.1 | 1-8.5.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: update s_journal_inum if it changes after journal replay When mounting a crafted ext4 image, s_journal_inum may change after journal replay, which is obviously unreasonable because we have successfully lo | ||
| CVE-2023-53090 | — | < 1-8.5.1 | 1-8.5.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated by alloc_event_waiters(), but the event field of the waiter structure is not initialize | ||
| CVE-2023-53081 | — | < 1-8.5.1 | 1-8.5.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2_write_end_nolock() just zeroes out and dirties the page. This can leave dirty page be | ||
| CVE-2022-49921 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue() We can't use "skb" again after passing it to qdisc_enqueue(). This is basically identical to commit 2f09707d0c97 ("sch_sfb: Also store skb len before calling chi | ||
| CVE-2022-49917 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file | ||
| CVE-2022-49881 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_now | ||
| CVE-2022-49879 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk() | ||
| CVE-2022-49814 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on sk_receive_queue sk->sk_receive_queue is protected by skb queue lock, but for KCM sockets its RX path takes mux->rx_lock to protect more than just skb queue. However, kcm_recvmsg() | ||
| CVE-2022-49780 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As comment of device_regist | ||
| CVE-2022-49764 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot [1] about warnings that were caused by bpf program attached to contention_begin raw tracepoint triggering the same tracepoi | ||
| CVE-2025-37756 | Med | 5.5 | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us | |
| CVE-2025-37781 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also b | ||
| CVE-2025-37757 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to memory le | ||
| CVE-2025-23149 | — | < 1-8.5.1 | 1-8.5.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can lead to a spurious tpm_chip_start() call: [35985.503771] i2c i2c-1: Transfer while suspended [35 |
- CVE-2025-37844May 9, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting
- CVE-2025-37836May 9, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fails, call put_device() to give up the reference to avoid a memory leak, per the comment at device_register(). Found by code review.
- CVE-2025-37810May 8, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
- CVE-2025-37800May 8, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential NULL pointer dereference in dev_uevent() If userspace reads "uevent" device attribute at the same time as another threads unbinds the device from its driver, change to dev->driver fro
- CVE-2022-21546May 2, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sg_w
- affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup
- CVE-2023-53091May 2, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: update s_journal_inum if it changes after journal replay When mounting a crafted ext4 image, s_journal_inum may change after journal replay, which is obviously unreasonable because we have successfully lo
- CVE-2023-53090May 2, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated by alloc_event_waiters(), but the event field of the waiter structure is not initialize
- CVE-2023-53081May 2, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2_write_end_nolock() just zeroes out and dirties the page. This can leave dirty page be
- CVE-2022-49921May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue() We can't use "skb" again after passing it to qdisc_enqueue(). This is basically identical to commit 2f09707d0c97 ("sch_sfb: Also store skb len before calling chi
- CVE-2022-49917May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file
- CVE-2022-49881May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_now
- CVE-2022-49879May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk()
- CVE-2022-49814May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on sk_receive_queue sk->sk_receive_queue is protected by skb queue lock, but for KCM sockets its RX path takes mux->rx_lock to protect more than just skb queue. However, kcm_recvmsg()
- CVE-2022-49780May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As comment of device_regist
- CVE-2022-49764May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot [1] about warnings that were caused by bpf program attached to contention_begin raw tracepoint triggering the same tracepoi
- affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us
- CVE-2025-37781May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also b
- CVE-2025-37757May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to memory le
- CVE-2025-23149May 1, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can lead to a spurious tpm_chip_start() call: [35985.503771] i2c i2c-1: Transfer while suspended [35
Page 6 of 8