rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,269)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-21859	Med	5.5	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to f_midi_transmit, causing a deadlock. Fix it by using queue_wor
CVE-2025-21858	Hig	7.8	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after-free in geneve_find_dev() [0] without repro. geneve_configure() links struct geneve_dev.next to net_generic(net, geneve_net_id)->
CVE-2025-21848	Med	5.5	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
CVE-2025-21846	Med	5.5	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This c
CVE-2025-21844	Med	5.5	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereferen
CVE-2025-21866		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vma
CVE-2025-21863		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode speculation sqe->opcode is used for different tables, make sure we santitise it against speculations.
CVE-2025-21861		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new foli
CVE-2025-21857		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can return 1 if the allocation succeeded after wrapping. This was treated as an er
CVE-2025-21856		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release() in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees
CVE-2025-21855		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb m
CVE-2025-21854		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsock_proto::psock_update_sk_prot(). However, there is an edge case wh
CVE-2025-21853		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex to prevent races between map_freeze() and memory mapping BPF map contents with writable permissions. The way we naively do this mea
CVE-2025-21852		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: net: Add rx_skb of kfree_skb to raw_tp_null_args[]. Yan Zhai reported a BPF prog could trigger a null-ptr-deref [0] in trace_kfree_skb if the prog does not check if rx_sk is NULL. Commit c53795d48ee8 ("net: ad
CVE-2025-21850		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when
CVE-2025-21849		—	< 6.4.0-150700.20.6.1	6.4.0-150700.20.6.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Use spin_lock_irqsave() in interruptible context spin_lock/unlock() functions used in interrupt contexts could result in a deadlock, as seen in GitLab issue #13399, which occurs when interrupt come
CVE-2025-21847		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The nullity of sps->cstream should be checked similarly as it is done in sof_set_stream_data_offset() function. Assuming that it is not NUL
CVE-2024-58088		—	< 6.4.0-150700.20.3.1	6.4.0-150700.20.3.1	Mar 12, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a ("bpf: Prevent deadlock from recursive bpf_task_storage_[get\|delete]") first introduced deadlock prevention for fentry/fexit progr
CVE-2025-21842		—	< 6.4.0-150700.20.6.1	6.4.0-150700.20.6.1	Mar 7, 2025	In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gang_ctx_bo when failed to init user queue The destructor of a gtt bo is declared as void amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device adev, void mem_obj); Which takes void* as the
CVE-2025-21839		—	< 6.4.0-150700.20.11.1	6.4.0-150700.20.11.1	Mar 7, 2025	In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load

CVE-2025-21859MedMar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to f_midi_transmit, causing a deadlock. Fix it by using queue_wor
CVE-2025-21858HigMar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after-free in geneve_find_dev() [0] without repro. geneve_configure() links struct geneve_dev.next to net_generic(net, geneve_net_id)->
CVE-2025-21848MedMar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
CVE-2025-21846MedMar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This c
CVE-2025-21844MedMar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereferen
CVE-2025-21866Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vma
CVE-2025-21863Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode speculation sqe->opcode is used for different tables, make sure we santitise it against speculations.
CVE-2025-21861Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new foli
CVE-2025-21857Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can return 1 if the allocation succeeded after wrapping. This was treated as an er
CVE-2025-21856Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release() in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees
CVE-2025-21855Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb m
CVE-2025-21854Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsock_proto::psock_update_sk_prot(). However, there is an edge case wh
CVE-2025-21853Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex to prevent races between map_freeze() and memory mapping BPF map contents with writable permissions. The way we naively do this mea
CVE-2025-21852Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net: Add rx_skb of kfree_skb to raw_tp_null_args[]. Yan Zhai reported a BPF prog could trigger a null-ptr-deref [0] in trace_kfree_skb if the prog does not check if rx_sk is NULL. Commit c53795d48ee8 ("net: ad
CVE-2025-21850Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when
CVE-2025-21849Mar 12, 2025
affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Use spin_lock_irqsave() in interruptible context spin_lock/unlock() functions used in interrupt contexts could result in a deadlock, as seen in GitLab issue #13399, which occurs when interrupt come
CVE-2025-21847Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The nullity of sps->cstream should be checked similarly as it is done in sof_set_stream_data_offset() function. Assuming that it is not NUL
CVE-2024-58088Mar 12, 2025
affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a ("bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]") first introduced deadlock prevention for fentry/fexit progr
CVE-2025-21842Mar 7, 2025
affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gang_ctx_bo when failed to init user queue The destructor of a gtt bo is declared as void amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj); Which takes void** as the
CVE-2025-21839Mar 7, 2025
affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load

Page 106 of 114