rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7
Vulnerabilities (2,372)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21992 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: ignore non-functional sensor in HP 5MP Camera The HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iio_i | |
| CVE-2025-21991 | Hig | 7.8 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, load_microcode_amd() iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the | |
| CVE-2025-21990 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo->tbo.resource will be NULL. Check for that before dereferencing. (cherry picked from com | |
| CVE-2025-21989 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix missing .is_two_pixels_per_container Starting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, due to lack of .is_two_pixels_per_container function in dce60_tg_funcs, causes a | |
| CVE-2025-21987 | Med | 5.5 | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: init return value in amdgpu_ttm_clear_buffer Otherwise an uninitialized value can be returned if amdgpu_res_cleared returns true for all regions. Possibly closes: https://gitlab.freedesktop.org/drm | |
| CVE-2025-21985 | Hig | 7.1 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses [WHAT & HOW] hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4), but location can have size up to 6. As a result, it is necessary to check location a | |
| CVE-2025-21981 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS (accelerated Receive Flow Steering) structures memory leak by adding a checker to verify if aRFS memory is already allocated while configuring VSI. aRFS objects | |
| CVE-2025-21980 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gred_init returns a NULL pointer, the code follows the error handling path, invoking gred_destroy. This, in turn, calls g | |
| CVE-2025-21979 | Hig | 7.8 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphy_work before freeing wiphy A wiphy_work can be queued from the moment the wiphy is allocated and initialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the rdev::wiphy_work is | |
| CVE-2025-21978 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fix address space leak when Hyper-V DRM device is removed When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram, and maps it cacheable. If the device removed, or in the e | |
| CVE-2025-21975 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() must be checked to prevent NULL pointer dereferences. | |
| CVE-2025-21974 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() The bnxt_queue_mem_alloc() is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor cor | |
| CVE-2025-21973 | Hig | 7.1 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_ops are called. The bnxt_get_queue_stats{rx | tx} collect per-queue stats from s | |
| CVE-2025-21972 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the frag_list used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak d | |
| CVE-2025-21971 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe | |
| CVE-2025-21970 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEV_CHANGEUPPER event is triggered. Driver finds the lower devices (PFs) to flush all the offloaded entries. An | |
| CVE-2025-21969 | Hig | 7.8 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye | |
| CVE-2025-21968 | Hig | 7.8 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcp_work [Why] A slab-use-after-free is reported when HDCP is destroyed but the property_validate_dwork queue is still running. [How] Cancel the delayed work when d | |
| CVE-2025-21966 | Hig | 7.8 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Fix memory corruption due to incorrect parameter being passed to bio_init | |
| CVE-2025-21964 | Med | 5.5 | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s |
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: ignore non-functional sensor in HP 5MP Camera The HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iio_i
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, load_microcode_amd() iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo->tbo.resource will be NULL. Check for that before dereferencing. (cherry picked from com
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix missing .is_two_pixels_per_container Starting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, due to lack of .is_two_pixels_per_container function in dce60_tg_funcs, causes a
- affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: init return value in amdgpu_ttm_clear_buffer Otherwise an uninitialized value can be returned if amdgpu_res_cleared returns true for all regions. Possibly closes: https://gitlab.freedesktop.org/drm
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses [WHAT & HOW] hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4), but location can have size up to 6. As a result, it is necessary to check location a
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS (accelerated Receive Flow Steering) structures memory leak by adding a checker to verify if aRFS memory is already allocated while configuring VSI. aRFS objects
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gred_init returns a NULL pointer, the code follows the error handling path, invoking gred_destroy. This, in turn, calls g
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphy_work before freeing wiphy A wiphy_work can be queued from the moment the wiphy is allocated and initialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the rdev::wiphy_work is
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fix address space leak when Hyper-V DRM device is removed When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram, and maps it cacheable. If the device removed, or in the e
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: handle errors in mlx5_chains_create_table() In mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() must be checked to prevent NULL pointer dereferences.
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() The bnxt_queue_mem_alloc() is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor cor
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_ops are called. The bnxt_get_queue_stats{rx | tx} collect per-queue stats from s
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the frag_list used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak d
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEV_CHANGEUPPER event is triggered. Driver finds the lower devices (PFs) to flush all the offloaded entries. An
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcp_work [Why] A slab-use-after-free is reported when HDCP is destroyed but the property_validate_dwork queue is still running. [How] Cancel the delayed work when d
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Fix memory corruption due to incorrect parameter being passed to bio_init
- affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s
Page 106 of 119