rpm package
suse/kernel-coco_debug&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6
pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6
Vulnerabilities (2,052)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38132 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable) | ||
| CVE-2025-38131 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfg_csdev_enable_active_config(), active config could be deactivated via configfs' sysfs interface. This co | ||
| CVE-2025-38129 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of | ||
| CVE-2025-38127 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In | ||
| CVE-2025-38126 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree | ||
| CVE-2025-38125 | — | < 6.4.0-15061.32.coco15sp6.1 | 6.4.0-15061.32.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigge | ||
| CVE-2025-38123 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, i | ||
| CVE-2025-38122 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. | ||
| CVE-2025-38120 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early | ||
| CVE-2025-38118 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add to avoid crashes like bellow: ================================================== | ||
| CVE-2025-38117 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmt_pending list with its own lock This uses a mutex to protect from concurrent access of mgmt_pending list which can cause crashes like: ============================================= | ||
| CVE-2025-38115 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: fix a potential crash on gso_skb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch->q.len can be inflated by packets in | ||
| CVE-2025-38113 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these | ||
| CVE-2025-38112 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap. After the last sk_psock_put() (which usually happens when socket is removed from | ||
| CVE-2025-38110 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t | ||
| CVE-2025-38109 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop | ||
| CVE-2025-38108 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a race condition in RED, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU | ||
| CVE-2025-38107 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 | ||
| CVE-2025-38105 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat | ||
| CVE-2025-38103 | — | < 6.4.0-15061.32.coco15sp6.1 | 6.4.0-15061.32.coco15sp6.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Update struct hid_descriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note |
- CVE-2025-38132Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable)
- CVE-2025-38131Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfg_csdev_enable_active_config(), active config could be deactivated via configfs' sysfs interface. This co
- CVE-2025-38129Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of
- CVE-2025-38127Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In
- CVE-2025-38126Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree
- CVE-2025-38125Jul 3, 2025affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigge
- CVE-2025-38123Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, i
- CVE-2025-38122Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer.
- CVE-2025-38120Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early
- CVE-2025-38118Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add to avoid crashes like bellow: ==================================================
- CVE-2025-38117Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmt_pending list with its own lock This uses a mutex to protect from concurrent access of mgmt_pending list which can cause crashes like: =============================================
- CVE-2025-38115Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: fix a potential crash on gso_skb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch->q.len can be inflated by packets in
- CVE-2025-38113Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these
- CVE-2025-38112Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap. After the last sk_psock_put() (which usually happens when socket is removed from
- CVE-2025-38110Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t
- CVE-2025-38109Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop
- CVE-2025-38108Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a race condition in RED, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU
- CVE-2025-38107Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0
- CVE-2025-38105Jul 3, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat
- CVE-2025-38103Jul 3, 2025affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Update struct hid_descriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note
Page 17 of 103