VYPR

rpm package

opensuse/kernel-azure&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0

Vulnerabilities (643)

  • CVE-2025-68174Dec 16, 2025
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfd_processes_table is empty. kfd_prcesses_table entry is deleted in kfd_process_notifier_release, but kfd_proces

  • CVE-2025-68173Dec 16, 2025
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsyms_lookup can spend too much time in RC

  • CVE-2025-68172Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp

  • CVE-2025-68171Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace: fpu__cle

  • CVE-2025-68170Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree() devres managed rdev Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() rdev is managed by devres and we shouldn't be calling kfree() on it. This f

  • CVE-2025-68167Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix invalid pointer access in debugfs If the memory allocation in gpiolib_seq_start() fails, the s->private field remains uninitialized and is later dereferenced without checking in gpiolib_seq_stop().

  • CVE-2025-40363Dec 16, 2025
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6_output() and ah6_output_done() where extension headers are copied to/from IPv6 address fields, triggering fort

  • CVE-2025-40362Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs

  • CVE-2025-40360Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plan

  • CVE-2025-40359Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ===================================================

  • CVE-2025-40357Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag_dump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 [#1] SMP KASAN NOPTI KASAN: m

  • CVE-2025-40355Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: sysfs: check visibility before changing group attribute ownership Since commit 0c17270f9b92 ("net: sysfs: Implement is_visible for phys_(port_id, port_name, switch_id)"), __dev_change_net_namespace() can hit WA

  • CVE-2025-40354Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link->enc NULL pointer access [why] 1.) dc->links[MAX_LINKS] array size smaller than actual requested. max_connector + max_dpia + 4 virtual = 14. increase from 1

  • CVE-2025-40353Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copy_highpage() The arm64 copy_highpage() assumes that the destination page is newly allocated and not MTE-tagged (PG_mte_tagged unset) and warns accordi

  • CVE-2025-40350Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ XDP programs can change the layout of an xdp_buff through bpf_xdp_adjust_tail() and bpf_xdp_adjust_head(). Therefore, the driver cannot

  • CVE-2025-40347Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetc_mdio_lock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the re

  • CVE-2025-40346Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The c

  • CVE-2025-68223Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with

  • CVE-2025-68211Dec 16, 2025
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item Currently, scan_get_next_rmap_item() walks every page address in a VMA to locate mergeable pages. This becomes highly inefficient when

  • CVE-2025-40345Dec 12, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report val

Page 24 of 33