rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21653 | Med | 5.5 | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute syzbot found that TCA_FLOW_RSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bo | |
| CVE-2025-21648 | Med | 5.5 | < 6.4.0-150600.23.53.1 | 6.4.0-150600.23.53.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing has | |
| CVE-2025-21647 | Hig | 7.1 | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters | |
| CVE-2025-21640 | Med | 5.5 | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: | |
| CVE-2025-21639 | Med | 5.5 | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rto_min/max: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: gett | |
| CVE-2025-21638 | Med | 5.5 | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: auth_enable: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: gett | |
| CVE-2025-21652 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlan_get_iflink(). syzbot presented an use-after-free report [0] regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If t | ||
| CVE-2025-21651 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: [ 16. | ||
| CVE-2025-21650 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs 1024-1279 are in different BAR space addresses. However, hclge_fet | ||
| CVE-2025-21649 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices Currently, HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL. But the tx process would still try to set hardware time stamp | ||
| CVE-2025-21646 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs if someone actually does that: kafs tries to create a directory under /proc/net/a | ||
| CVE-2025-21645 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try | ||
| CVE-2025-21637 | — | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting | ||
| CVE-2025-21636 | — | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsis | ||
| CVE-2025-21635 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsisten | ||
| CVE-2025-21632 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure shadow stack is active before "getting" registers The x86 shadow stack support has its own set of registers. Those registers are XSAVE-managed, but they are "supervisor state components" which m | ||
| CVE-2025-21631 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr | ||
| CVE-2024-57857 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to net_device Do not manage a per device direct link to net_device. Rely on associated ib_devices net_device management, not doubling the effort locally. A badly managed local link | ||
| CVE-2024-57802 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ================================================= | ||
| CVE-2024-57801 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregister_netdev is called after unloading vport rep. So, the mlx5e_rep_priv is already freed while trying to get rpriv- |
- affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute syzbot found that TCA_FLOW_RSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bo
- affected < 6.4.0-150600.23.53.1fixed 6.4.0-150600.23.53.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing has
- affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters
- affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency:
- affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rto_min/max: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: gett
- affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: auth_enable: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: gett
- CVE-2025-21652Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlan_get_iflink(). syzbot presented an use-after-free report [0] regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If t
- CVE-2025-21651Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: [ 16.
- CVE-2025-21650Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs 1024-1279 are in different BAR space addresses. However, hclge_fet
- CVE-2025-21649Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices Currently, HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL. But the tx process would still try to set hardware time stamp
- CVE-2025-21646Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs if someone actually does that: kafs tries to create a directory under /proc/net/a
- CVE-2025-21645Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try
- CVE-2025-21637Jan 19, 2025affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting
- CVE-2025-21636Jan 19, 2025affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsis
- CVE-2025-21635Jan 19, 2025affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsisten
- CVE-2025-21632Jan 19, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure shadow stack is active before "getting" registers The x86 shadow stack support has its own set of registers. Those registers are XSAVE-managed, but they are "supervisor state components" which m
- CVE-2025-21631Jan 19, 2025affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr
- CVE-2024-57857Jan 15, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to net_device Do not manage a per device direct link to net_device. Rely on associated ib_devices net_device management, not doubling the effort locally. A badly managed local link
- CVE-2024-57802Jan 15, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. =================================================
- CVE-2024-57801Jan 15, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregister_netdev is called after unloading vport rep. So, the mlx5e_rep_priv is already freed while trying to get rpriv-
Page 98 of 209