rpm package

opensuse/kernel-azure&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0

Vulnerabilities (643)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-40130		—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Nov 12, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_latency_qos_add/remove/update_request interfaces lack internal synchronization by design, requiring the caller to ensure thread safe
CVE-2025-40123		—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Nov 12, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expected_attach_type for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpf_prog_test_run_xdp() function within the Li
CVE-2025-40106		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Oct 31, 2025	In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedi_buf_munge() The comedi_buf_munge() function performs a modulo operation `async->munge_chan %= async->cmd.chanlist_len` without first checking if chanlist_len is zero. If a u
CVE-2025-40103		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Oct 30, 2025	In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifs_sb_tlink Fix three refcount inconsistency issues related to `cifs_sb_tlink`. Comments for `cifs_sb_tlink` state that `cifs_put_tlink()` needs to be called after successf
CVE-2025-40099		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Oct 30, 2025	In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of
CVE-2025-40097		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Oct 30, 2025	In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hda_component_manager_init function The __component_match_add function may assign the 'matchptr' pointer the value ERR_PTR(-ENOMEM), which will subsequently be dereferenc
CVE-2025-40045		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: set the comp soundwire port correctly For some reason we endup with setting soundwire port for HPHL_COMP and HPHR_COMP as zero, this can potentially result in a memory corruption due to a
CVE-2025-40042		—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11
CVE-2025-40030		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux
CVE-2025-39998		—	< 6.12.0-160000.28.1	6.12.0-160000.28.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in
CVE-2025-39977		—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule()
CVE-2025-39964		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Oct 13, 2025	In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes m
CVE-2025-39927		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions
CVE-2025-39913		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(
CVE-2025-39880		—	< 6.12.0-160000.9.1	6.12.0-160000.9.1	Sep 23, 2025	In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to ceph_connection_v1_info There is a place where generic code in messenger.c is reading and another place where it is writing to con->v1 union member without checking that the uni
CVE-2025-39817	Hig	7.1	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Sep 16, 2025	In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 (present on master as well): BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_check_range+0xe8/0x190
CVE-2025-39813	Med	4.7	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Sep 16, 2025	In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race co
CVE-2025-39829		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Sep 16, 2025	In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already registered WARNING: CPU: 2 PID: 86
CVE-2025-39814		—	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Sep 16, 2025	In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset when the driver is loaded without RDMA support, will results in a crash as it attempts to remove RDMA's non-existent auxbus dev
CVE-2025-39795	Med	5.5	< 6.12.0-160000.26.1	6.12.0-160000.26.1	Sep 12, 2025	In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by findi

CVE-2025-40130Nov 12, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_latency_qos_add/remove/update_request interfaces lack internal synchronization by design, requiring the caller to ensure thread safe
CVE-2025-40123Nov 12, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expected_attach_type for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpf_prog_test_run_xdp() function within the Li
CVE-2025-40106Oct 31, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedi_buf_munge() The comedi_buf_munge() function performs a modulo operation `async->munge_chan %= async->cmd.chanlist_len` without first checking if chanlist_len is zero. If a u
CVE-2025-40103Oct 30, 2025
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifs_sb_tlink Fix three refcount inconsistency issues related to `cifs_sb_tlink`. Comments for `cifs_sb_tlink` state that `cifs_put_tlink()` needs to be called after successf
CVE-2025-40099Oct 30, 2025
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of
CVE-2025-40097Oct 30, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hda_component_manager_init function The __component_match_add function may assign the 'matchptr' pointer the value ERR_PTR(-ENOMEM), which will subsequently be dereferenc
CVE-2025-40045Oct 28, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: set the comp soundwire port correctly For some reason we endup with setting soundwire port for HPHL_COMP and HPHR_COMP as zero, this can potentially result in a memory corruption due to a
CVE-2025-40042Oct 28, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11
CVE-2025-40030Oct 28, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux
CVE-2025-39998Oct 15, 2025
affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in
CVE-2025-39977Oct 15, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule()
CVE-2025-39964Oct 13, 2025
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes m
CVE-2025-39927Oct 1, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions
CVE-2025-39913Oct 1, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(
CVE-2025-39880Sep 23, 2025
affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1
In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to ceph_connection_v1_info There is a place where generic code in messenger.c is reading and another place where it is writing to con->v1 union member without checking that the uni
CVE-2025-39817HigSep 16, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 (present on master as well): BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_check_range+0xe8/0x190
CVE-2025-39813MedSep 16, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race co
CVE-2025-39829Sep 16, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already registered WARNING: CPU: 2 PID: 86
CVE-2025-39814Sep 16, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset when the driver is loaded without RDMA support, will results in a crash as it attempts to remove RDMA's non-existent auxbus dev
CVE-2025-39795MedSep 12, 2025
affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by findi

Page 30 of 33