rpm package

opensuse/kernel-azure&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0

Vulnerabilities (643)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-71076	—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Jan 13, 2026	In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations.
CVE-2025-71073	—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Jan 13, 2026	In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbd_interrupt() schedules lk->tq via schedule_work(), and the work handler lkkbd_reinit() dereferences the lkkbd structure and its serio/input_dev fie
CVE-2025-71071	—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Jan 13, 2026	In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use
CVE-2025-68766	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values
CVE-2025-68765	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error
CVE-2025-68764	—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.
CVE-2025-68759	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success
CVE-2025-68758	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a
CVE-2025-68757	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().
CVE-2025-68753	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Jan 5, 2026	In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite
CVE-2025-68750	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg() The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assigned to tpgt->tport_tpgt, which is defined as u16. This may cause an integer overfl
CVE-2025-68748	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are ye
CVE-2025-68747	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should
CVE-2025-68746	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer t
CVE-2025-68745	—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx: target: Fix offline port handling and host reset handling") caused two problems: 1. Commands sent to FW, after chip reset got stu
CVE-2025-68744	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory refe
CVE-2025-68743	—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a regi
CVE-2025-68742	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows
CVE-2025-68741	—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(). The qla24xx_alloc_pur
CVE-2025-68740	—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Dec 24, 2025	In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by ima_filter_rule_match() In ima_match_rules(), if ima_filter_rule_match() returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if (!rc)' check and se

CVE-2025-71076Jan 13, 2026
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations.
CVE-2025-71073Jan 13, 2026
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbd_interrupt() schedules lk->tq via schedule_work(), and the work handler lkkbd_reinit() dereferences the lkkbd structure and its serio/input_dev fie
CVE-2025-71071Jan 13, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use
CVE-2025-68766Jan 5, 2026
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values
CVE-2025-68765Jan 5, 2026
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error
CVE-2025-68764Jan 5, 2026
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.
CVE-2025-68759Jan 5, 2026
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success
CVE-2025-68758Jan 5, 2026
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a
CVE-2025-68757Jan 5, 2026
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().
CVE-2025-68753Jan 5, 2026
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite
CVE-2025-68750Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg() The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assigned to tpgt->tport_tpgt, which is defined as u16. This may cause an integer overfl
CVE-2025-68748Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are ye
CVE-2025-68747Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should
CVE-2025-68746Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer t
CVE-2025-68745Dec 24, 2025
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx: target: Fix offline port handling and host reset handling") caused two problems: 1. Commands sent to FW, after chip reset got stu
CVE-2025-68744Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory refe
CVE-2025-68743Dec 24, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a regi
CVE-2025-68742Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows
CVE-2025-68741Dec 24, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(). The qla24xx_alloc_pur
CVE-2025-68740Dec 24, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by ima_filter_rule_match() In ima_match_rules(), if ima_filter_rule_match() returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if (!rc)' check and se

Page 17 of 33