kgraft-patch-SLE12-SP5_Update_71 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_71, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (103)
CVE-2026-31402 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay…
CVE-2026-43503 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers…
CVE-2022-50386 — CVSS 8.0 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_z…
CVE-2025-38079 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is…
CVE-2022-50030 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2026-23209 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided…
CVE-2025-38494 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is…
CVE-2025-38068 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression…
CVE-2026-46323 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() can currently copy…
CVE-2026-23191 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of…
CVE-2025-38618 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a…
CVE-2021-46984 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge(…
CVE-2026-23074 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design…
CVE-2026-22999 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class()…
CVE-2025-38157 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious…
CVE-2022-49969 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock [Why]…
CVE-2024-46713 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that…
CVE-2025-38180 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure…
CVE-2025-21731 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nbd: don't allow reconnect after disconnect Following process can cause…
CVE-2025-21928 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The…
CVE-2025-38198 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like…
CVE-2025-37798 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()…
CVE-2025-38211 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction…
CVE-2025-38212 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it…
CVE-2026-23268 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy…
CVE-2025-38250 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported…
CVE-2025-37885 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable…
CVE-2026-31504 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race…
CVE-2022-49934 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx()…
CVE-2025-38323 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and…
CVE-2022-50252 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential…
CVE-2025-38350 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty…
CVE-2025-38375 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size…
CVE-2025-38403 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing…
CVE-2025-38415 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an…
CVE-2022-50103 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed…
CVE-2024-26982 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero…
CVE-2025-38249 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3(…
CVE-2023-53117 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file…
CVE-2024-49861 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that…
CVE-2022-49948 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console…
CVE-2024-26974 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI…
CVE-2025-38108 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a…
CVE-2025-38051 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race…
CVE-2022-49138 — CVSS 5.7 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events When one of…
CVE-2025-38499 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the…
CVE-2025-71120 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in…
CVE-2025-38644 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated…
CVE-2021-46987 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There…
CVE-2022-4129 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race…
CVE-2022-49319 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: check return value after calling…
CVE-2022-49323 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()…
CVE-2022-49768 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: 9p: trans_fd/p9_conn_cancel: drop client lock earlier syzbot reported a…
CVE-2022-49825 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tport_add() In…
CVE-2022-49993 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can…
CVE-2022-50025 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: cxl: Fix a memory leak in an error handling path A bitmap_zalloc() must…
CVE-2022-50027 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE…
CVE-2022-50033 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-ppc-of: Fix refcount leak bug In ohci_hcd_ppc_of_probe()…
CVE-2022-50149 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in __driver_attach In…
CVE-2022-50226 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel…
CVE-2023-52878 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb…
CVE-2023-53118 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression…
CVE-2024-44963 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() when freeing tree block after error When freeing…
CVE-2025-23163 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock…
CVE-2025-37856 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: harden block_group::bg_list against list_del() races As far as I…
CVE-2025-38034 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref…
CVE-2025-38035 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null sk_state_change queue->state_change is…
CVE-2025-38040 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The…
CVE-2025-38058 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under…
CVE-2025-38064 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on device_shutdown() Hongyu…
CVE-2025-38074 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex The vhost-scsi…
CVE-2025-38094 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. There is a…
CVE-2025-38105 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code…
CVE-2025-38115 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: fix a potential crash on gso_skb handling SFQ has…
CVE-2025-38126 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring…
CVE-2025-38147 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AF_INET sk. syzkaller…
CVE-2025-38161 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Upon…
CVE-2025-38166 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here…
CVE-2025-38177 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not…
CVE-2025-38181 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller…
CVE-2025-38192 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46…
CVE-2025-38193 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported…
CVE-2025-38200 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When…
CVE-2025-38222 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running…
CVE-2025-38264 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in…
CVE-2025-38312 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() In…
CVE-2025-38319 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in…
CVE-2025-38337 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()…
CVE-2025-38391 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pin_assignments…
CVE-2025-38420 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware…
CVE-2025-38468 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree…
CVE-2025-38495 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved…
CVE-2025-38498 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure…
CVE-2025-38112 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable…
CVE-2025-37920 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AF_XDP generic RX path Move rx_lock from…
CVE-2025-38477 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race…
CVE-2023-53020 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in…
CVE-2025-38617 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When…
CVE-2025-38213: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-39973: In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter…
CVE-2025-40018: In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns…
CVE-2023-53794: In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free…