VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_84&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_84&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (84)

  • CVE-2025-10263CriJun 9, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher ex

  • CVE-2026-46273HigJun 3, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapte

  • CVE-2026-46259HigJun 3, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]/stat, do_task_stat() accesses task->real_parent without proper RCU protection, which leads to: cpu 0

  • CVE-2026-46181HigMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() Sashiko points out the radix_tree itself is RCU safe, but nothing ever frees the mlx4_srq struct with RCU, and it isn't even accessed within the RCU critical se

  • CVE-2026-46169MedMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplus_strcasecmp(). The root cause is that hfs_brec_read() doesn't validate that the on-disk record si

  • CVE-2026-46160MedMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix missing last_unlink_trans update when removing a directory When removing a directory we are not updating its last_unlink_trans field, which can result in incorrect fsync behaviour in case some one fs

  • CVE-2026-46159MedMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak btrfs_ioctl_space_info() has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entrie

  • CVE-2026-46157HigMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it ma

  • CVE-2026-46150HigMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotify_get_mark_safe() may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached mark

  • CVE-2026-46116HigMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete KASAN reproduces a slab-use-after-free in __xfrm_state_delete()'s hlist_del_rcu calls under syzkaller load on linux-6.12.y stable (reproduced on

  • CVE-2026-46113HigMay 28, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index. This assumption breaks for shadow paging if the guest pag

  • CVE-2026-46090HigMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopback_check_format() may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa6

  • CVE-2026-46043CriMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() currently checks only that the incoming packet is at least header_size(pkt) bytes long before payload_size() is used. However, payload

  • CVE-2026-46024HigMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() If a message of type CEPH_MSG_AUTH_REPLY contains a zero value for both protocol and result, this is currently not treated as an error. In c

  • CVE-2026-46021MedMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermal_zone_device_register_with_trips() fails after adding a thermal governor to the thermal zone being registered, the governor is not removed from

  • CVE-2026-45983MedMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops (e.g. SETATTR) can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time

  • CVE-2026-45970HigMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlb_arp_recv during bond up/down The ALB RX path may access rx_hashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlb_deinitialize() frees rx_hashtbl while RX ha

  • CVE-2026-45870May 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths The gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() functions allocate memory via gssx_dec_buffer(), which calls kmemdup(). When a subsequen

  • CVE-2026-45852HigMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxe_srq_from_init In rxe_srq_from_init(), the queue pointer 'q' is assigned to 'srq->rq.queue' before copying the SRQ number to user space. If copy_to_user() fails, the function cal

  • CVE-2026-45843HigMay 27, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: slip: bound decode() reads against the compressed packet length slhc_uncompress() parses a VJ-compressed TCP header by advancing a pointer through the packet via decode() and pull16(). Neither helper bounds-che

Page 1 of 5