rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-39681 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU in | |
| CVE-2025-39676 | Med | 5.5 | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error point | |
| CVE-2025-39675 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() The function mod_hdcp_hdcp1_create_session() calls the function get_first_active_display(), but does not check its return value. The re | |
| CVE-2025-39673 | Med | 4.7 | < 6.4.0-150600.23.78.1 | 6.4.0-150600.23.78.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in ppp_fill_forward_path ppp_fill_forward_path() has two race conditions: 1. The ppp->channels list can change between list_empty() and list_first_entry(), as ppp_lock() is not held | |
| CVE-2025-38736 | Hig | 7.1 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits (0-31). Without this | |
| CVE-2025-38735 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: gve: prevent ethtool ops after shutdown A crash can occur if an ethtool operation is invoked after shutdown() is called. shutdown() is invoked during system shutdown to stop DMA operations without performing e | |
| CVE-2025-38732 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject: don't leak dst refcount for loopback packets recent patches to add a WARN() when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include | |
| CVE-2025-39726 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/ism: fix concurrency management in ism_cmd() The s390x ISM device data sheet clearly states that only one request-response sequence is allowable per ISM function at any point in time. Unfortunately as of | ||
| CVE-2025-39721 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat_4xxx, in a tight loop can lead to a crash due to a use-after-free scenar | ||
| CVE-2025-39705 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(). When display control c | ||
| CVE-2025-39679 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). When the nvif_vmm_type is invalid, we will return error directly without freeing the args in nvif_vmm_ctor(), which leading a memory leak. Fix it | ||
| CVE-2025-39678 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add a check. | ||
| CVE-2025-39677 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal This issue applies for the following qdiscs: hhf, fq, fq_codel, and fq_pie, and occurs in their change handlers when adjusting to the new limit. The p | ||
| CVE-2025-38734 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix UAF on smcsk after smc_listen_out() BPF CI testing report a UAF issue: [ 16.446633] BUG: kernel NULL pointer dereference, address: 000000000000003 0 [ 16.447134] #PF: supervisor read acce | ||
| CVE-2025-38729 | Hig | 7.8 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too. | |
| CVE-2025-38728 | Hig | 7.1 | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below): BUG: KASA | |
| CVE-2025-38727 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the ju | |
| CVE-2025-38725 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f. DLink DUB- | |
| CVE-2025-38724 | Hig | 7.8 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Lei Lu recently reported that nfsd4_setclientid_confirm() did not check the return value from get_client_locked(). a SETCLIENTID_CONFIRM c | |
| CVE-2025-38721 | Med | 5.5 | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix refcount leak on table dump There is a reference count leak in ctnetlink_dump_table(): if (res < 0) { nf_conntrack_get(&ct->ct_general); // HERE c |
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU in
- affected < 6.4.0-150600.23.78.1fixed 6.4.0-150600.23.78.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error point
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() The function mod_hdcp_hdcp1_create_session() calls the function get_first_active_display(), but does not check its return value. The re
- affected < 6.4.0-150600.23.78.1fixed 6.4.0-150600.23.78.1
In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in ppp_fill_forward_path ppp_fill_forward_path() has two race conditions: 1. The ppp->channels list can change between list_empty() and list_first_entry(), as ppp_lock() is not held
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits (0-31). Without this
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: gve: prevent ethtool ops after shutdown A crash can occur if an ethtool operation is invoked after shutdown() is called. shutdown() is invoked during system shutdown to stop DMA operations without performing e
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject: don't leak dst refcount for loopback packets recent patches to add a WARN() when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include
- CVE-2025-39726Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: s390/ism: fix concurrency management in ism_cmd() The s390x ISM device data sheet clearly states that only one request-response sequence is allowable per ISM function at any point in time. Unfortunately as of
- CVE-2025-39721Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat_4xxx, in a tight loop can lead to a crash due to a use-after-free scenar
- CVE-2025-39705Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(). When display control c
- CVE-2025-39679Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). When the nvif_vmm_type is invalid, we will return error directly without freeing the args in nvif_vmm_ctor(), which leading a memory leak. Fix it
- CVE-2025-39678Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add a check.
- CVE-2025-39677Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal This issue applies for the following qdiscs: hhf, fq, fq_codel, and fq_pie, and occurs in their change handlers when adjusting to the new limit. The p
- CVE-2025-38734Sep 5, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix UAF on smcsk after smc_listen_out() BPF CI testing report a UAF issue: [ 16.446633] BUG: kernel NULL pointer dereference, address: 000000000000003 0 [ 16.447134] #PF: supervisor read acce
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too.
- affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below): BUG: KASA
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the ju
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f. DLink DUB-
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Lei Lu recently reported that nfsd4_setclientid_confirm() did not check the return value from get_client_locked(). a SETCLIENTID_CONFIRM c
- affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix refcount leak on table dump There is a reference count leak in ctnetlink_dump_table(): if (res < 0) { nf_conntrack_get(&ct->ct_general); // HERE c
Page 46 of 209