VYPR

rpm package

suse/kernel-coco&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6

pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6

Vulnerabilities (2,052)

  • CVE-2025-21938Apr 1, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcp_pm_nl

  • CVE-2025-21937Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference.

  • CVE-2025-21936Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference.

  • CVE-2025-21935Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. If it fails, put_device() should be called to free the memory and give up the reference initial

  • CVE-2025-21934Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. Thus, put_device() should be used rather than kfree(). Add "mport->net = NULL;

  • CVE-2025-21931Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 ("hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined) add page poison checks in do_migrate_range in order to m

  • CVE-2025-21930Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi] Call

  • CVE-2025-21928Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freein

  • CVE-2025-21927Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invali

  • CVE-2025-21926Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later or

  • CVE-2025-21925Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: llc: do not use skb_get() before dev_queue_xmit() syzbot is able to crash hosts [1], using llc and devices not supporting IFF_TX_SKB_SHARING. In this case, e1000 driver calls eth_skb_pad(), while the skb is sh

  • CVE-2025-21924Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error During the initialization of ptp, hclge_ptp_get_cycle might return an error and returned directly without unregiste

  • CVE-2025-21923Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the client_hdev used for intercepting hidraw access. This can lead to scheduling deferred work to rea

  • CVE-2025-21922Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning [1], which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code

  • CVE-2025-21920Apr 1, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a

  • CVE-2025-21919Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list child_cfs_rq_on_list attempts to convert a 'prev' pointer to a cfs_rq. This 'prev' pointer can originate from struct rq's leaf_cfs_rq_list, ma

  • CVE-2025-21918Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting fo

  • CVE-2025-21917Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Flush the notify_hotplug_work When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kern

  • CVE-2025-21916Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see [1]. This time the issue stems from a commit authored by me (2eabb655a968 ("usb: atm: c

  • CVE-2025-21915Apr 1, 2025
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driver_override_show() Fixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c This function driver_override_show() is part of DEVICE_ATTR_RW, which includes

Page 36 of 103