rpm package
suse/kgraft-patch-SLE12-SP5_Update_76&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_76&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (155)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40006 | — | < 1-8.7.1 | 1-8.7.1 | Oct 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio | ||
| CVE-2022-50527 | — | < 1-8.7.1 | 1-8.7.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix size validation for non-exclusive domains (v4) Fix amdgpu_bo_validate_size() to check whether the TTM domain manager for the requested memory exists, else we get a kernel oops when dereferencing | ||
| CVE-2023-53454 | — | < 1-8.7.1 | 1-8.7.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le | ||
| CVE-2023-53176 | — | < 1-8.7.1 | 1-8.7.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port->pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the generic serial8250 driver takes over the port. After that we see an oops about 10 sec | ||
| CVE-2025-38728 | Hig | 7.1 | < 1-8.7.1 | 1-8.7.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below): BUG: KASA | |
| CVE-2025-38336 | — | < 1-8.7.1 | 1-8.7.1 | Jul 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device atta | ||
| CVE-2025-38085 | — | < 1-8.7.1 | 1-8.7.1 | Jun 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table us | ||
| CVE-2022-49975 | — | < 1-8.7.1 | 1-8.7.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pkt_len Syzbot found an issue [1]: fq_codel_drop() try to drop a flow whitout any skbs, that is, the flow->head is null. The root cause, as the [2] says, is because that | ||
| CVE-2023-53020 | — | < 1-8.7.1 | 1-8.7.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in l2tp_tunnel_register() is racy in several ways: 1. It modifies the tunnel socket _after_ publishing it. 2. It calls setup_udp_tunnel_sock( | ||
| CVE-2025-21738 | — | < 3-2.1 | 3-2.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com | ||
| CVE-2022-49604 | — | < 1-8.7.1 | 1-8.7.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. | ||
| CVE-2022-49546 | — | < 1-8.7.1 | 1-8.7.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 (size 4096): comm "kexec", pid 14950, jiffies 4295110793 (age 373.951s) hex dum | ||
| CVE-2023-20569 | — | < 1-8.7.1 | 1-8.7.1 | Aug 8, 2023 | A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||
| CVE-2023-4132 | — | < 1-8.7.1 | 1-8.7.1 | Aug 3, 2023 | A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition. | ||
| CVE-2023-23559 | — | < 1-8.7.1 | 1-8.7.1 | Jan 13, 2023 | In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. |
- CVE-2025-40006Oct 20, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio
- CVE-2022-50527Oct 7, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix size validation for non-exclusive domains (v4) Fix amdgpu_bo_validate_size() to check whether the TTM domain manager for the requested memory exists, else we get a kernel oops when dereferencing
- CVE-2023-53454Oct 1, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le
- CVE-2023-53176Sep 15, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port->pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the generic serial8250 driver takes over the port. After that we see an oops about 10 sec
- affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below): BUG: KASA
- CVE-2025-38336Jul 10, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device atta
- CVE-2025-38085Jun 28, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table us
- CVE-2022-49975Jun 18, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pkt_len Syzbot found an issue [1]: fq_codel_drop() try to drop a flow whitout any skbs, that is, the flow->head is null. The root cause, as the [2] says, is because that
- CVE-2023-53020Mar 27, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in l2tp_tunnel_register() is racy in several ways: 1. It modifies the tunnel socket _after_ publishing it. 2. It calls setup_udp_tunnel_sock(
- CVE-2025-21738Feb 27, 2025affected < 3-2.1fixed 3-2.1
In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com
- CVE-2022-49604Feb 26, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_fwd_use_pmtu. While reading sysctl_ip_fwd_use_pmtu, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers.
- CVE-2022-49546Feb 26, 2025affected < 1-8.7.1fixed 1-8.7.1
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 (size 4096): comm "kexec", pid 14950, jiffies 4295110793 (age 373.951s) hex dum
- CVE-2023-20569Aug 8, 2023affected < 1-8.7.1fixed 1-8.7.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
- CVE-2023-4132Aug 3, 2023affected < 1-8.7.1fixed 1-8.7.1
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.
- CVE-2023-23559Jan 13, 2023affected < 1-8.7.1fixed 1-8.7.1
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
Page 8 of 8