suse/kernel-default-base&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

Vulnerabilities (2,262)

• CVE-2025-40172Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Currently, if find_and_map_user_pages() takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host re

• CVE-2025-40171Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: move lsop put work to nvmet_fc_ls_req_op It’s possible for more than one async command to be in flight from __nvmet_fc_send_ls_req. For each command, a tgtport reference is taken. In the current code

• CVE-2025-40170Nov 12, 2025
  affected < 6.4.0-150700.53.28.1.150700.17.19.1fixed 6.4.0-150700.53.28.1.150700.17.19.1

  In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size(). Also use dst_dev_rcu() in ip6_dst_mtu_maybe_forward(), and ip_dst_mtu_maybe_for

• CVE-2025-40169Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the check_alu_op() function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer.

• CVE-2025-40168Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). smc_clc_prfx_match() is called from smc_listen_work() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk

• CVE-2025-40167Nov 12, 2025
  affected < 6.4.0-150700.53.28.1.150700.17.19.1fixed 6.4.0-150700.53.28.1.150700.17.19.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BUG_ON in ext4_es_cache_extent() when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is

• CVE-2025-40166Nov 12, 2025
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check GuC running state before deregistering exec queue In normal operation, a registered exec queue is disabled and deregistered through the GuC, and freed only after the GuC confirms completion. H

• CVE-2025-40160Nov 12, 2025
  affected < 6.4.0-150700.53.28.1.150700.17.19.1fixed 6.4.0-150700.53.28.1.150700.17.19.1

  In the Linux kernel, the following vulnerability has been resolved: xen/events: Return -EEXIST for bound VIRQs Change find_virq() to return -EEXIST when a VIRQ is bound to a different CPU than the one passed in. With that, remove the BUG_ON() from bind_virq_to_irq() to propoga

• CVE-2025-40159Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdp_desc validation Turned out certain clearly invalid values passed in xdp_desc from userspace can pass xp_{,un}aligned_validate_desc() and then lead to UBs or just invalid frame

• CVE-2025-40158Nov 12, 2025
  affected < 6.4.0-150700.53.28.1.150700.17.19.1fixed 6.4.0-150700.53.28.1.150700.17.19.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. We can remove rcu_read_lock()/rcu_read_unlock() pairs from ip6_finish_output2().

• CVE-2025-40157Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nm_edac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in dr

• CVE-2025-40156Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() The drv->sram_reg pointer could be set to ERR_PTR(-EPROBE_DEFER) which would lead to a error pointer dereference. Use IS_ERR_OR_NULL()

• CVE-2025-40154Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to unepxect

• CVE-2025-40153Nov 12, 2025
  affected < 6.4.0-150700.53.28.1.150700.17.19.1fixed 6.4.0-150700.53.28.1.150700.17.19.1

  In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect() to a large hugetlb memory area in our customer's workload (~300GB hugetlb memory), soft lockup was observed: watchdog:

• CVE-2025-40142Nov 12, 2025
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT snd_pcm_group_lock_irq() acquires a spinlock_t and disables interrupts via spin_lock_irq(). This also implicitly disables the handling

• CVE-2025-40141Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on iso_conn_free This attempt to fix similar issue to sco_conn_free where if the conn->sk is not set to NULL may lead to UAF on iso_conn_free.

• CVE-2025-40140Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast syzbot reported WARNING in rtl8150_start_xmit/usb_submit_urb. This is the sequence of events that leads to the warning: rtl8150_start_xmit(

• CVE-2025-40139Nov 12, 2025
  affected < 6.4.0-150700.53.25.1.150700.17.17.1fixed 6.4.0-150700.53.25.1.150700.17.17.1

  In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_ge

• CVE-2025-40136Nov 12, 2025
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The device interrupt vector 3 is an error interrupt for physical function and a reserved interrupt for virtual function. However, the drive

• CVE-2025-40135Nov 12, 2025
  affected < 6.4.0-150700.53.28.1.150700.17.19.1fixed 6.4.0-150700.53.28.1.150700.17.19.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.