VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server for SAP applications 16.0

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0

Vulnerabilities (594)

  • CVE-2025-40362Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs

  • CVE-2025-40360Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plan

  • CVE-2025-40359Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ===================================================

  • CVE-2025-40357Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in __smc_diag_dump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 [#1] SMP KASAN NOPTI KASAN: m

  • CVE-2025-40355Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: sysfs: check visibility before changing group attribute ownership Since commit 0c17270f9b92 ("net: sysfs: Implement is_visible for phys_(port_id, port_name, switch_id)"), __dev_change_net_namespace() can hit WA

  • CVE-2025-40354Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link->enc NULL pointer access [why] 1.) dc->links[MAX_LINKS] array size smaller than actual requested. max_connector + max_dpia + 4 virtual = 14. increase from 1

  • CVE-2025-40353Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copy_highpage() The arm64 copy_highpage() assumes that the destination page is newly allocated and not MTE-tagged (PG_mte_tagged unset) and warns accordi

  • CVE-2025-40350Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ XDP programs can change the layout of an xdp_buff through bpf_xdp_adjust_tail() and bpf_xdp_adjust_head(). Therefore, the driver cannot

  • CVE-2025-40347Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetc_mdio_lock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the re

  • CVE-2025-40346Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The c

  • CVE-2025-68223Dec 16, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with

  • CVE-2025-68211Dec 16, 2025
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item Currently, scan_get_next_rmap_item() walks every page address in a VMA to locate mergeable pages. This becomes highly inefficient when

  • CVE-2025-40345Dec 12, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report val

  • CVE-2025-40344Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avs_dai_fe_shutdown() handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the

  • CVE-2025-40343Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_por

  • CVE-2025-40342Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reco

  • CVE-2025-40340Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test. I saw an oops in xe_gem_fault when running the xe-fast-feedback testlist against the realtime kernel without debug options enabled. The panic

  • CVE-2025-40339Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix nullptr err of vm_handle_moved If a amdgpu_bo_va is fpriv->prt_va, the bo of this one is always NULL. So, such kind of amdgpu_bo_va should be updated separately before amdgpu_vm_handle_moved.

  • CVE-2025-40338Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, upd

  • CVE-2025-40337Dec 9, 2025
    affected < 6.12.0-160000.9.1fixed 6.12.0-160000.9.1

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Correctly handle Rx checksum offload errors The stmmac_rx function would previously set skb->ip_summed to CHECKSUM_UNNECESSARY if hardware checksum offload (CoE) was enabled and the packet was of a

Page 22 of 30