rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38236 | Hig | 7.8 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce the issue: $ python3 from socket import * s1, s2 | |
| CVE-2025-38231 | Med | 5.5 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. If nfsd_ssc isn't initi | |
| CVE-2025-38222 | Med | 5.5 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running the following code on an ext4 filesystem with inline_data feature enabled, it will lead to the bug below. fd = open("file1", O_RD | |
| CVE-2025-38215 | Med | 5.5 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in do_register_framebuffer() fails to allocate memory for fb_videomode, it will later lead to a null-ptr | |
| CVE-2025-38214 | Med | 5.5 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in fb_set_var() fails to allocate memory for fb_videomode, later it may lead to a null-ptr dereference in fb_videomod | |
| CVE-2025-38212 | Hig | 7.8 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i | |
| CVE-2025-38198 | Hig | 7.8 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "store_modes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in drivers/ | |
| CVE-2025-38192 | Med | 5.5 | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address | |
| CVE-2025-38234 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do | ||
| CVE-2025-38229 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg() in dvb_usb_generic_rw() succeeds and rlen is greate | ||
| CVE-2025-38227 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtv_mux_init. [1] After PSI initialization fails, the si member is accessed again, res | ||
| CVE-2025-38226 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline] BUG: KASAN: vmallo | ||
| CVE-2025-38225 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an allocation error When allocation failures are not cleaned up by the driver, further allocation errors will be false-positives, which will cause buffers to remain uninitialized | ||
| CVE-2025-38220 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Tra | ||
| CVE-2025-38217 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (ftsteutates) Fix TOCTOU race in fts_read() In the fts_read() function, when handling hwmon_pwm_auto_channels_temp, the code accesses the shared variable data->fan_source[channel] twice without holding a | ||
| CVE-2025-38211 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref | ||
| CVE-2025-38210 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsm_ops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items. | ||
| CVE-2025-38208 | — | < 6.4.0-150600.23.70.1 | 6.4.0-150600.23.70.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automount_fullpath page is checked for null in __build_path_from_dentry_optional_prefix when tcon->origin_fullpath is not set. However, the check is missing when it is set. Add a | ||
| CVE-2025-38206 | — | < 6.4.0-150600.23.65.1 | 6.4.0-150600.23.65.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre | ||
| CVE-2025-38205 | — | < 6.4.0-150600.23.70.1 | 6.4.0-150600.23.70.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 [Why] If the dummy values in `populate_dummy_dml_surface_cfg()` aren't updated then they can lead to a divide by zero in downstream callers |
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce the issue: $ python3 from socket import * s1, s2
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. If nfsd_ssc isn't initi
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running the following code on an ext4 filesystem with inline_data feature enabled, it will lead to the bug below. fd = open("file1", O_RD
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in do_register_framebuffer() fails to allocate memory for fb_videomode, it will later lead to a null-ptr
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in fb_set_var() fails to allocate memory for fb_videomode, later it may lead to a null-ptr dereference in fb_videomod
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "store_modes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in drivers/
- affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address
- CVE-2025-38234Jul 4, 2025affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do
- CVE-2025-38229Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg() in dvb_usb_generic_rw() succeeds and rlen is greate
- CVE-2025-38227Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtv_mux_init. [1] After PSI initialization fails, the si member is accessed again, res
- CVE-2025-38226Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline] BUG: KASAN: vmallo
- CVE-2025-38225Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an allocation error When allocation failures are not cleaned up by the driver, further allocation errors will be false-positives, which will cause buffers to remain uninitialized
- CVE-2025-38220Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Tra
- CVE-2025-38217Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ftsteutates) Fix TOCTOU race in fts_read() In the fts_read() function, when handling hwmon_pwm_auto_channels_temp, the code accesses the shared variable data->fan_source[channel] twice without holding a
- CVE-2025-38211Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref
- CVE-2025-38210Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsm_ops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items.
- CVE-2025-38208Jul 4, 2025affected < 6.4.0-150600.23.70.1fixed 6.4.0-150600.23.70.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automount_fullpath page is checked for null in __build_path_from_dentry_optional_prefix when tcon->origin_fullpath is not set. However, the check is missing when it is set. Add a
- CVE-2025-38206Jul 4, 2025affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1
In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre
- CVE-2025-38205Jul 4, 2025affected < 6.4.0-150600.23.70.1fixed 6.4.0-150600.23.70.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 [Why] If the dummy values in `populate_dummy_dml_surface_cfg()` aren't updated then they can lead to a divide by zero in downstream callers
Page 61 of 209