kgraft-patch-SLE12-SP5_Update_61 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_61, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (129)
CVE-2024-8805 — CVSS 8.8 (high): BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent…
CVE-2022-50386 — CVSS 8.0 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_z…
CVE-2025-38212 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it…
CVE-2022-50252 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential…
CVE-2025-38494 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is…
CVE-2024-53156 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()…
CVE-2024-53168 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG…
CVE-2024-53173 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang…
CVE-2024-53214 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There…
CVE-2024-56600 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create()…
CVE-2024-56601 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create()…
CVE-2024-56605 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in…
CVE-2022-48788 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work…
CVE-2025-21702 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected…
CVE-2025-21772 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several…
CVE-2025-21791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be…
CVE-2022-49179 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq Our test report a UAF: [ 2073.019181]…
CVE-2025-37797 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch…
CVE-2022-49465 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In…
CVE-2022-48789 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work…
CVE-2022-48943 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async…
CVE-2024-46738 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in…
CVE-2022-48791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a…
CVE-2024-46744 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN…
CVE-2025-38618 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a…
CVE-2025-38079 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is…
CVE-2024-46759 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes…
CVE-2025-38000 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()…
CVE-2022-48956 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed…
CVE-2024-41073 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to…
CVE-2024-44987 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in…
CVE-2025-37752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: move the limit validation It is not sufficient to…
CVE-2024-46818 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW]…
CVE-2024-44998 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeue_rx() We can't…
CVE-2024-46853 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy…
CVE-2024-46859 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses…
CVE-2022-49014 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported…
CVE-2022-49053 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page()…
CVE-2024-50125 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been…
CVE-2024-50264 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in…
CVE-2024-46673 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls…
CVE-2024-46722 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning Clear warning that…
CVE-2024-46723 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that…
CVE-2024-50279 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing…
CVE-2024-50301 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN…
CVE-2024-46743 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk…
CVE-2024-46854 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETH_ZLEN When sending packets under 60 bytes…
CVE-2024-38381 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_rx_work syzbot reported the following…
CVE-2024-56650 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has…
CVE-2024-44999 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtp_dev_xmit() syzbot/KMSAN reported use…
CVE-2024-49860 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects…
CVE-2024-46774 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()…
CVE-2024-50115 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore…
CVE-2024-46731 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may…
CVE-2024-56664 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element…
CVE-2024-50154 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin…
CVE-2022-48790 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load…
CVE-2024-57893 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer…
CVE-2025-38644 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated…
CVE-2022-48799 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list…
CVE-2022-48844 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix leaking sent_cmd skb sent_cmd memory is not…
CVE-2022-48911 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The…
CVE-2022-48945 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug…
CVE-2022-49080 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is…
CVE-2022-49545 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At…
CVE-2022-49563 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source…
CVE-2022-49564 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source…
CVE-2023-52915 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer…
CVE-2024-38632 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable() If…
CVE-2024-41079 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the…
CVE-2024-41082 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some…
CVE-2024-42265 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both…
CVE-2024-42305 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot…
CVE-2024-42306 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem…
CVE-2024-43884 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device()…
CVE-2024-43890 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in…
CVE-2024-43912 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the…
CVE-2024-43914 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling…
CVE-2024-44946 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported…
CVE-2024-44947 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate…
CVE-2024-44948 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an…
CVE-2024-44950 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix invalid FIFO access with special register set…
CVE-2024-44969 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for…
CVE-2024-44982 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails If the…
CVE-2024-45008 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots syzbot is reporting too large allocation at…
CVE-2024-45016 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in…
CVE-2024-46675 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access…
CVE-2024-46676 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols…
CVE-2024-46677 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup()…
CVE-2024-46685 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function()…
CVE-2024-46686 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This…
CVE-2024-46702 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed…
CVE-2024-46707 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 On a…
CVE-2024-46715 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some…
CVE-2024-46721 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile->parent->dents[A…
CVE-2024-46737 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the…
CVE-2024-46739 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind…
CVE-2024-46745 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When…
CVE-2024-46750 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true…
CVE-2024-46753 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we…
CVE-2024-46761 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug…
CVE-2024-46770 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool…
CVE-2024-46783 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in…
CVE-2024-46784 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup…
CVE-2024-46822 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In…
CVE-2024-47674 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann…
CVE-2024-47684 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines…
CVE-2024-47706 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial…
CVE-2024-53146 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >=…
CVE-2024-57996 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current…
CVE-2025-21971 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function…
CVE-2025-38177 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not…
CVE-2025-38181 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller…
CVE-2025-38495 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved…
CVE-2025-38498 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure…
CVE-2025-38499 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the…
CVE-2021-47387 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables…
CVE-2024-38596 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A…
CVE-2024-44954 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent…
CVE-2025-38083 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race…
CVE-2025-38617 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When…
CVE-2025-38477 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race…
CVE-2024-46787 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix…
CVE-2024-46679 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs…
CVE-2024-42154 — CVSS 4.4 (medium): In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking…
CVE-2024-43898: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-44952: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.