rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68730 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created | ||
| CVE-2025-68729 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type | ||
| CVE-2025-68728 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed mi_read in mi_format_new Fix a KMSAN un-init bug found by syzkaller. ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be uptodate. We do not bring the | ||
| CVE-2025-68727 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by __getname() Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN. | ||
| CVE-2025-68726 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this | ||
| CVE-2025-68724 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_k | ||
| CVE-2025-68380 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment In ath11k_wmi_send_peer_assoc_cmd(), peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as transmit MCS, which goes against firmwire's | ||
| CVE-2025-68379 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure A NULL pointer dereference can occur in rxe_srq_chk_attr() when ibv_modify_srq() is invoked twice in succession under certain error conditions. The | ||
| CVE-2025-68378 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in __bpf_get_stackid() Syzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid() when copying stack trace data. The issue occurs when the perf trace contains m | ||
| CVE-2025-68377 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ns: initialize ns_list_node for initial namespaces Make sure that the list is always initialized for initial namespaces. | ||
| CVE-2025-68376 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fix ETR buffer use-after-free issue When ETR is enabled as CS_MODE_SYSFS, if the buffer size is changed and enabled again, currently sysfs_buf will point to the newly allocated memory(buf_new) a | ||
| CVE-2025-68375 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intel_pmu_drain_pebs_icl() is called to drain PEBS records, the perf_event_overflow() could be called to process the last PEBS record. While | ||
| CVE-2025-68374 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: fix rcu protection in md_wakeup_thread We attempted to use RCU to protect the pointer 'thread', but directly passed the value when calling md_wakeup_thread(). This means that the RCU pointer has been acquir | ||
| CVE-2025-68373 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to del_gendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdi_unregi | ||
| CVE-2025-68372 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: nbd: defer config put in recv_work There is one uaf issue in recv_work when running NBD_CLEAR_SOCK and NBD_CMD_RECONFIGURE: nbd_genl_connect // conf_ref=2 (connect and recv_work A) nbd_open // co | ||
| CVE-2025-68371 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device | ||
| CVE-2025-68370 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUX_EVENT of each CPU and is required in perf mode. It has been added to the coresight_path so that dependent d | ||
| CVE-2025-68369 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the do_truncate() routine, causing the run_lock uninitialized error | ||
| CVE-2025-68368 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddev_init IO operations may be needed before md_run(), such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL po | ||
| CVE-2025-68367 | — | < 6.18.5-1.1 | 6.18.5-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse The following warning appears when running syzkaller, and this issue also exists in the mainline code. ------------[ cut here ]------------ li |
- CVE-2025-68730Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created
- CVE-2025-68729Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type
- CVE-2025-68728Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed mi_read in mi_format_new Fix a KMSAN un-init bug found by syzkaller. ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be uptodate. We do not bring the
- CVE-2025-68727Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by __getname() Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN.
- CVE-2025-68726Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this
- CVE-2025-68724Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_k
- CVE-2025-68380Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment In ath11k_wmi_send_peer_assoc_cmd(), peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as transmit MCS, which goes against firmwire's
- CVE-2025-68379Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure A NULL pointer dereference can occur in rxe_srq_chk_attr() when ibv_modify_srq() is invoked twice in succession under certain error conditions. The
- CVE-2025-68378Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in __bpf_get_stackid() Syzkaller reported a KASAN slab-out-of-bounds write in __bpf_get_stackid() when copying stack trace data. The issue occurs when the perf trace contains m
- CVE-2025-68377Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: ns: initialize ns_list_node for initial namespaces Make sure that the list is always initialized for initial namespaces.
- CVE-2025-68376Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fix ETR buffer use-after-free issue When ETR is enabled as CS_MODE_SYSFS, if the buffer size is changed and enabled again, currently sysfs_buf will point to the newly allocated memory(buf_new) a
- CVE-2025-68375Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intel_pmu_drain_pebs_icl() is called to drain PEBS records, the perf_event_overflow() could be called to process the last PEBS record. While
- CVE-2025-68374Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: md: fix rcu protection in md_wakeup_thread We attempted to use RCU to protect the pointer 'thread', but directly passed the value when calling md_wakeup_thread(). This means that the RCU pointer has been acquir
- CVE-2025-68373Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to del_gendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdi_unregi
- CVE-2025-68372Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config put in recv_work There is one uaf issue in recv_work when running NBD_CLEAR_SOCK and NBD_CMD_RECONFIGURE: nbd_genl_connect // conf_ref=2 (connect and recv_work A) nbd_open // co
- CVE-2025-68371Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device
- CVE-2025-68370Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUX_EVENT of each CPU and is required in perf mode. It has been added to the coresight_path so that dependent d
- CVE-2025-68369Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the do_truncate() routine, causing the run_lock uninitialized error
- CVE-2025-68368Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddev_init IO operations may be needed before md_run(), such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL po
- CVE-2025-68367Dec 24, 2025affected < 6.18.5-1.1fixed 6.18.5-1.1
In the Linux kernel, the following vulnerability has been resolved: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse The following warning appears when running syzkaller, and this issue also exists in the mainline code. ------------[ cut here ]------------ li
Page 26 of 72