rpm package
opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed
Vulnerabilities (694)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68744 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory refe | ||
| CVE-2025-68743 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a regi | ||
| CVE-2025-68742 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows | ||
| CVE-2025-68741 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(). The qla24xx_alloc_pur | ||
| CVE-2025-68740 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by ima_filter_rule_match() In ima_match_rules(), if ima_filter_rule_match() returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if (!rc)' check and se | ||
| CVE-2025-68739 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling dev_pm_opp_put(opp) to maintain correct resource acquisition and release order. | ||
| CVE-2025-68738 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx() If a link does not have an assigned channel yet, mt7996_vif_link returns NULL. We still need to store the updated queue settings in that case, and | ||
| CVE-2025-68737 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: Propagate return value from __change_memory_common The rodata=on security measure requires that any code path which does vmalloc -> set_memory_ro/set_memory_rox must protect the linear map alias | ||
| CVE-2025-68736 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mou | ||
| CVE-2025-68735 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUP_CREATE ioctl function, which arose as pointer to the group is accessed in that io | ||
| CVE-2025-68749 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpu_gem_bo_free() removes the BO from the BOs list before it gets unmapped. Then file_p | ||
| CVE-2025-68733 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: smack: fix bug: unprivileged task can create labels If an unprivileged task is allowed to relabel itself (/smack/relabel-self is not empty), it can freely create new labels by writing their names into own /proc | ||
| CVE-2025-68732 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa | ||
| CVE-2025-68731 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2_pci.c:904 aie2_query_ctx_status_array() warn: potent | ||
| CVE-2025-68730 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created | ||
| CVE-2025-68729 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type | ||
| CVE-2025-68728 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed mi_read in mi_format_new Fix a KMSAN un-init bug found by syzkaller. ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be uptodate. We do not bring the | ||
| CVE-2025-68727 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by __getname() Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN. | ||
| CVE-2025-68726 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this | ||
| CVE-2025-68724 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_k |
- CVE-2025-68744Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory refe
- CVE-2025-68743Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a regi
- CVE-2025-68742Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows
- CVE-2025-68741Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(). The qla24xx_alloc_pur
- CVE-2025-68740Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by ima_filter_rule_match() In ima_match_rules(), if ima_filter_rule_match() returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if (!rc)' check and se
- CVE-2025-68739Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling dev_pm_opp_put(opp) to maintain correct resource acquisition and release order.
- CVE-2025-68738Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx() If a link does not have an assigned channel yet, mt7996_vif_link returns NULL. We still need to store the updated queue settings in that case, and
- CVE-2025-68737Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: Propagate return value from __change_memory_common The rodata=on security measure requires that any code path which does vmalloc -> set_memory_ro/set_memory_rox must protect the linear map alias
- CVE-2025-68736Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mou
- CVE-2025-68735Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUP_CREATE ioctl function, which arose as pointer to the group is accessed in that io
- CVE-2025-68749Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpu_gem_bo_free() removes the BO from the BOs list before it gets unmapped. Then file_p
- CVE-2025-68733Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: smack: fix bug: unprivileged task can create labels If an unprivileged task is allowed to relabel itself (/smack/relabel-self is not empty), it can freely create new labels by writing their names into own /proc
- CVE-2025-68732Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa
- CVE-2025-68731Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2_pci.c:904 aie2_query_ctx_status_array() warn: potent
- CVE-2025-68730Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created
- CVE-2025-68729Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type
- CVE-2025-68728Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed mi_read in mi_format_new Fix a KMSAN un-init bug found by syzkaller. ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be uptodate. We do not bring the
- CVE-2025-68727Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by __getname() Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN.
- CVE-2025-68726Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this
- CVE-2025-68724Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_k
Page 2 of 35