VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (2,262)

  • CVE-2025-71093Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000_tbi_should_accept() In e1000_tbi_should_accept() we read the last byte of the frame via 'data[length - 1]' to evaluate the TBI workaround. If the descriptor- reported length is zero or l

  • CVE-2025-71091Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_override_port_prio_changed() There has been a syzkaller bug reported recently with the following trace: list_del corruption, ffff888058bea080->prev is LIST_POISON

  • CVE-2025-71088Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c

  • CVE-2025-71087Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavf_config_rss_reg() There are off-by-one bugs when configuring RSS hash key and lookup table, causing out-of-bounds reads to memory [1] and out-of-bounds writes to device regist

  • CVE-2025-71086Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a device being brought down. T

  • CVE-2025-71085Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t

  • CVE-2025-71084Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancel_work_sync() will prevent the work from running which also pr

  • CVE-2025-71083Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the content

  • CVE-2025-71082Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devm_kzalloc in btusb This reverts commit 98921dbd00c4e ("Bluetooth: Use devm_kzalloc in btusb.c file"). In btusb_probe(), we use devm_kzalloc() to allocate the btusb data. This

  • CVE-2025-71081Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the set_sync() callback fails during DAI probe. Make s

  • CVE-2025-71080Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT On PREEMPT_RT kernels, after rt6_get_pcpu_route() returns NULL, the current task can be preempted. Another task running on the same CPU may then execute

  • CVE-2025-71079Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write A deadlock can occur between nfc_unregister_device() and rfkill_fop_write() due to lock ordering inversion between device_lock and rfkil

  • CVE-2025-71078Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache i

  • CVE-2025-71077Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only

  • CVE-2025-71076Jan 13, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations.

  • CVE-2025-71071Jan 13, 2026
    affected < 6.4.0-150700.53.34.1fixed 6.4.0-150700.53.34.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use

  • CVE-2025-68766Jan 5, 2026
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values

  • CVE-2025-68765Jan 5, 2026
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error

  • CVE-2025-68764Jan 5, 2026
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.

  • CVE-2025-68759Jan 5, 2026
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success

Page 12 of 114