rpm package
suse/kernel-64kb&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (3,752)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40096 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies When adding dependencies with drm_sched_job_add_dependency(), that function consumes the fence reference both on success and failure, |
| CVE-2025-40088 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() The hfsplus_strcasecmp() logic can trigger the issue: [ 117.317703][ T9855] ================================================================== [ 1 |
| CVE-2025-40087 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proc_layoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout. |
| CVE-2025-40085 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 29, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card In try_to_register_card(), the return value of usb_ifnum_to_if() is passed directly to usb_interface_claimed() without a NULL check, which wil |
| CVE-2025-40083 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 29, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix null-deref in agg_dequeue To prevent a potential crash in agg_dequeue (net/sched/sch_qfq.c) when cl->qdisc->ops->peek(cl->qdisc) returns NULL, we check the return value before using it, |
| CVE-2025-40080 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutd |
| CVE-2025-40078 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpf_sock_addr Syzkaller found a kernel warning on the following sock_addr program: 0: r0 = 0 1: r2 = *(u32 *)(r1 +60) 2: exit which triggers: verifier bug: e |
| CVE-2025-40075 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: use dst_dev_net_rcu() Replace three dst_dev() with a lockdep enabled helper. |
| CVE-2025-40074 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dst_dev_rcu() Change icmpv4_xrlim_allow(), ip_defrag() to prevent possible UAF. Change ipmr_prepare_xmit(), ipmr_queue_fwd_xmit(), ip_mr_output(), ipv4_neigh_lookup() to use lockdep enabled d |
| CVE-2025-40071 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used i |
| CVE-2025-40070 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: pps: fix warning in pps_register_cdev when register device fail Similar to previous commit 2a934fdb01db ("media: v4l2-dev: fix error handling in __video_register_device()"), the release hook should be set befor |
| CVE-2025-40064 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in __pnet_find_base_ndev(). syzbot reported use-after-free of net_device in __pnet_find_base_ndev(), which was called during connect(). [0] smc_pnet_find_ism_resource() fetches sk_dst_g |
| CVE-2025-40062 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs When the initialization of qm->debug.acc_diff_reg fails, the probe process does not exit. However, after qm->debug.qm_diff_regs is freed, it is not set |
| CVE-2025-40061 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in do_task() when draining When do_task() exhausts its iteration budget (!ret), it sets the state to TASK_STATE_IDLE to reschedule, without a secondary check on the current task->state. This |
| CVE-2025-40060 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etm_setup_aux() only checks for a |
| CVE-2025-40059 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devm_kzalloc The return value of devm_kzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devm_kzalloc. |
| CVE-2025-40058 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- st |
| CVE-2025-40056 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fix copy_to_iter return value check The return value of copy_to_iter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values. |
| CVE-2025-40055 | — | | | < 6.4.0-150600.23.81.3 | 6.4.0-150600.23.81.3 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a |
| CVE-2025-40052 | — | | | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifs_sg_set_buf() helper that converts vm |
Page 3 of 188