rpm package
opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed
Vulnerabilities (694)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68766 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values | ||
| CVE-2025-68765 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error | ||
| CVE-2025-68764 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag. | ||
| CVE-2025-68763 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly handle return of sg_nents_for_len The return value of sg_nents_for_len was assigned to an unsigned long in starfive_hash_digest, causing negative error codes to be converted to larg | ||
| CVE-2025-68762 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFF_DISABLE_NETPOLL flag. The warning (at kernel/workqueue.c:4242 in __flush_work) oc | ||
| CVE-2025-68761 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfs_correct_next_unused_CNID() This code calls hfs_bnode_put(node) which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when | ||
| CVE-2025-68760 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4- | ||
| CVE-2025-68759 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success | ||
| CVE-2025-68758 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a | ||
| CVE-2025-68757 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put(). | ||
| CVE-2025-68756 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock blk_mq_{add,del}_queue_tag_set() functions add and remove queues from tagset, the functions make sure that tagset and queues are marke | ||
| CVE-2025-68755 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: mos | ||
| CVE-2025-68754 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp | ||
| CVE-2025-68753 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite | ||
| CVE-2025-68752 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050b | ||
| CVE-2025-68751 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vstl() A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on | ||
| CVE-2025-68748 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are ye | ||
| CVE-2025-68747 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should | ||
| CVE-2025-68746 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer t | ||
| CVE-2025-68745 | — | < 6.18.16-1.1 | 6.18.16-1.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx: target: Fix offline port handling and host reset handling") caused two problems: 1. Commands sent to FW, after chip reset got stu |
- CVE-2025-68766Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values
- CVE-2025-68765Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error
- CVE-2025-68764Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.
- CVE-2025-68763Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly handle return of sg_nents_for_len The return value of sg_nents_for_len was assigned to an unsigned long in starfive_hash_digest, causing negative error codes to be converted to larg
- CVE-2025-68762Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFF_DISABLE_NETPOLL flag. The warning (at kernel/workqueue.c:4242 in __flush_work) oc
- CVE-2025-68761Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfs_correct_next_unused_CNID() This code calls hfs_bnode_put(node) which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when
- CVE-2025-68760Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4-
- CVE-2025-68759Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success
- CVE-2025-68758Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a
- CVE-2025-68757Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().
- CVE-2025-68756Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock blk_mq_{add,del}_queue_tag_set() functions add and remove queues from tagset, the functions make sure that tagset and queues are marke
- CVE-2025-68755Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: mos
- CVE-2025-68754Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp
- CVE-2025-68753Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite
- CVE-2025-68752Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050b
- CVE-2025-68751Jan 5, 2026affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vstl() A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on
- CVE-2025-68748Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are ye
- CVE-2025-68747Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should
- CVE-2025-68746Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer t
- CVE-2025-68745Dec 24, 2025affected < 6.18.16-1.1fixed 6.18.16-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx: target: Fix offline port handling and host reset handling") caused two problems: 1. Commands sent to FW, after chip reset got stu
Page 1 of 35