rpm package

suse/kgraft-patch-SLE12-SP5_Update_72&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_72&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (90)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-50409		—	< 4-2.1	4-2.1	Sep 18, 2025	In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory Fixes the below NULL pointer dereference: [...] [ 14.471200] Call Trace: [ 14.471562] [ 14.471882] lock_acquire+0x
CVE-2022-50386		—	< 2-2.1	2-2.1	Sep 18, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct
CVE-2022-50367		—	< 4-2.1	4-2.1	Sep 17, 2025	In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode(
CVE-2023-53321		—	< 5-2.1	5-2.1	Sep 16, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require t
CVE-2022-50327		—	< 4-2.1	4-2.1	Sep 15, 2025	In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje
CVE-2022-50252		—	< 3-4.1	3-4.1	Sep 15, 2025	In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v
CVE-2025-38644		—	< 1-8.3.1	1-8.3.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before associati
CVE-2025-38618		—	< 1-8.3.1	1-8.3.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac
CVE-2025-38617		—	< 1-8.3.1	1-8.3.1	Aug 22, 2025	In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a
CVE-2025-38572		—	< 4-2.1	4-2.1	Aug 19, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6_gso_segment() syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb->transport_header. This 16bit field has a limited rang
CVE-2025-38565		—	< 1-8.3.1	1-8.3.1	Aug 19, 2025	In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed refere
CVE-2025-38563		—	< 1-8.3.1	1-8.3.1	Aug 19, 2025	In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap()'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first
CVE-2025-38556		—	< 1-8.3.1	1-8.3.1	Aug 19, 2025	In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity.
CVE-2025-38546		—	< 1-8.3.1	1-8.3.1	Aug 16, 2025	In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back. The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the sock
CVE-2025-38515		—	< 1-8.3.1	1-8.3.1	Aug 16, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spsc_queue_push and the run-job worker, in which spsc_queue_push may return not-first while the run-job worker has alre
CVE-2025-38513		—	< 1-8.3.1	1-8.3.1	Aug 16, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For example, the following is possible: T0 T1 zd_m
CVE-2025-38512		—	< 1-8.3.1	1-8.3.1	Aug 16, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAt
CVE-2025-38499	Med	5.5	< 1-8.3.1	1-8.3.1	Aug 11, 2025	In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be
CVE-2022-50233		—	< 4-2.1	4-2.1	Aug 9, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting
CVE-2025-38498	Med	5.5	< 1-8.3.1	1-8.3.1	Jul 30, 2025	In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

CVE-2022-50409Sep 18, 2025
affected < 4-2.1fixed 4-2.1
In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory Fixes the below NULL pointer dereference: [...] [ 14.471200] Call Trace: [ 14.471562] [ 14.471882] lock_acquire+0x
CVE-2022-50386Sep 18, 2025
affected < 2-2.1fixed 2-2.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct
CVE-2022-50367Sep 17, 2025
affected < 4-2.1fixed 4-2.1
In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode(
CVE-2023-53321Sep 16, 2025
affected < 5-2.1fixed 5-2.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require t
CVE-2022-50327Sep 15, 2025
affected < 4-2.1fixed 4-2.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje
CVE-2022-50252Sep 15, 2025
affected < 3-4.1fixed 3-4.1
In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v
CVE-2025-38644Aug 22, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before associati
CVE-2025-38618Aug 22, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac
CVE-2025-38617Aug 22, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a
CVE-2025-38572Aug 19, 2025
affected < 4-2.1fixed 4-2.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6_gso_segment() syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb->transport_header. This 16bit field has a limited rang
CVE-2025-38565Aug 19, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed refere
CVE-2025-38563Aug 19, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap()'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first
CVE-2025-38556Aug 19, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity.
CVE-2025-38546Aug 16, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back. The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the sock
CVE-2025-38515Aug 16, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spsc_queue_push and the run-job worker, in which spsc_queue_push may return not-first while the run-job worker has alre
CVE-2025-38513Aug 16, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For example, the following is possible: T0 T1 zd_m
CVE-2025-38512Aug 16, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAt
CVE-2025-38499MedAug 11, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be
CVE-2022-50233Aug 9, 2025
affected < 4-2.1fixed 4-2.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting
CVE-2025-38498MedJul 30, 2025
affected < 1-8.3.1fixed 1-8.3.1
In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

Page 2 of 5