rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS
Vulnerabilities (421)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40178 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pid_nr_ns __task_pid_nr_ns ns = task_active_pid_ns(current); pid_nr_ns(rcu_dereference(*task_pid_ptr(task, type)), ns); if (pid && ns->level <= | ||
| CVE-2025-40170 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size(). Also use dst_dev_rcu() in ip6_dst_mtu_maybe_forward(), and ip_dst_mtu_maybe_for | ||
| CVE-2025-40167 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BUG_ON in ext4_es_cache_extent() when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is | ||
| CVE-2025-40158 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. We can remove rcu_read_lock()/rcu_read_unlock() pairs from ip6_finish_output2(). | ||
| CVE-2025-40153 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect() to a large hugetlb memory area in our customer's workload (~300GB hugetlb memory), soft lockup was observed: watchdog: | ||
| CVE-2025-40135 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF. | ||
| CVE-2025-40134 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in __dm_suspend() There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before t | ||
| CVE-2025-40103 | — | < 6.4.0-150600.23.92.1.150600.12.42.2 | 6.4.0-150600.23.92.1.150600.12.42.2 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifs_sb_tlink Fix three refcount inconsistency issues related to `cifs_sb_tlink`. Comments for `cifs_sb_tlink` state that `cifs_put_tlink()` needs to be called after successf | ||
| CVE-2025-40102 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpr | ||
| CVE-2025-40099 | — | < 6.4.0-150600.23.92.1.150600.12.42.2 | 6.4.0-150600.23.92.1.150600.12.42.2 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of | ||
| CVE-2025-40097 | — | < 6.4.0-150600.23.87.1.150600.12.40.1 | 6.4.0-150600.23.87.1.150600.12.40.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hda_component_manager_init function The __component_match_add function may assign the 'matchptr' pointer the value ERR_PTR(-ENOMEM), which will subsequently be dereferenc | ||
| CVE-2025-40081 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB). | ||
| CVE-2025-40053 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer | ||
| CVE-2025-40042 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11 | ||
| CVE-2025-40033 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL check, which could lead to a null pointer dereference. Mov | ||
| CVE-2025-40024 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in struct vhost_task. vhost_task_create() creates a task and keeps a reference to its task_struct. That task may exit early via a signal and its task_struct will be released. | ||
| CVE-2023-53714 | — | < 6.4.0-150600.23.87.1.150600.12.40.1 | 6.4.0-150600.23.87.1.150600.12.40.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning: | ||
| CVE-2025-40006 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio | ||
| CVE-2025-39977 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule() | ||
| CVE-2025-39964 | — | < 6.4.0-150600.23.92.1.150600.12.42.2 | 6.4.0-150600.23.92.1.150600.12.42.2 | Oct 13, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes m |
- CVE-2025-40178Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pid_nr_ns __task_pid_nr_ns ns = task_active_pid_ns(current); pid_nr_ns(rcu_dereference(*task_pid_ptr(task, type)), ns); if (pid && ns->level <=
- CVE-2025-40170Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size(). Also use dst_dev_rcu() in ip6_dst_mtu_maybe_forward(), and ip_dst_mtu_maybe_for
- CVE-2025-40167Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BUG_ON in ext4_es_cache_extent() when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is
- CVE-2025-40158Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. We can remove rcu_read_lock()/rcu_read_unlock() pairs from ip6_finish_output2().
- CVE-2025-40153Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect() to a large hugetlb memory area in our customer's workload (~300GB hugetlb memory), soft lockup was observed: watchdog:
- CVE-2025-40135Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.
- CVE-2025-40134Nov 12, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in __dm_suspend() There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before t
- CVE-2025-40103Oct 30, 2025affected < 6.4.0-150600.23.92.1.150600.12.42.2fixed 6.4.0-150600.23.92.1.150600.12.42.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifs_sb_tlink Fix three refcount inconsistency issues related to `cifs_sb_tlink`. Comments for `cifs_sb_tlink` state that `cifs_put_tlink()` needs to be called after successf
- CVE-2025-40102Oct 30, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpr
- CVE-2025-40099Oct 30, 2025affected < 6.4.0-150600.23.92.1.150600.12.42.2fixed 6.4.0-150600.23.92.1.150600.12.42.2
In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of
- CVE-2025-40097Oct 30, 2025affected < 6.4.0-150600.23.87.1.150600.12.40.1fixed 6.4.0-150600.23.87.1.150600.12.40.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hda_component_manager_init function The __component_match_add function may assign the 'matchptr' pointer the value ERR_PTR(-ENOMEM), which will subsequently be dereferenc
- CVE-2025-40081Oct 28, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).
- CVE-2025-40053Oct 28, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer
- CVE-2025-40042Oct 28, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11
- CVE-2025-40033Oct 28, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL check, which could lead to a null pointer dereference. Mov
- CVE-2025-40024Oct 24, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in struct vhost_task. vhost_task_create() creates a task and keeps a reference to its task_struct. That task may exit early via a signal and its task_struct will be released.
- CVE-2023-53714Oct 22, 2025affected < 6.4.0-150600.23.87.1.150600.12.40.1fixed 6.4.0-150600.23.87.1.150600.12.40.1
In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning:
- CVE-2025-40006Oct 20, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio
- CVE-2025-39977Oct 15, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule()
- CVE-2025-39964Oct 13, 2025affected < 6.4.0-150600.23.92.1.150600.12.42.2fixed 6.4.0-150600.23.92.1.150600.12.42.2
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes m
Page 20 of 22