VYPR

rpm package

suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6

pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6

Vulnerabilities (421)

  • CVE-2025-68222Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc s32_pinctrl_desc is allocated with devm_kmalloc(), but not all of its fields are initialized. Notably, num_custom_params is used in pinconf_generic_p

  • CVE-2025-68218Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix lockdep WARN due to partition scan work Blktests test cases nvme/014, 057 and 058 fail occasionally due to a lockdep WARN. As reported in the Closes tag URL, the WARN indicates that a deadlo

  • CVE-2025-68217Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: Input: pegasus-notetaker - fix potential out-of-bounds access In the pegasus_notetaker driver, the pegasus_probe() function allocates the URB transfer buffer using the wMaxPacketSize value from the endpoint des

  • CVE-2025-68195Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode Running x86_match_min_microcode_rev() on a Zen5 CPU trips up KASAN for an out of bounds access.

  • CVE-2025-68194Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: media: imon: make send_packet() more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock [1]. First problem is that when usb_rx_callback_intf0(

  • CVE-2025-68192Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup Raw IP packets have no MAC header, leaving skb->mac_header uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystem

  • CVE-2025-68185Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM,

  • CVE-2025-68183Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in se

  • CVE-2025-68180Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref in debugfs odm_combine_segments When a connector is connected but inactive (e.g., disabled by desktop environments), pipe_ctx->stream_res.tg will be destroyed. Then, reading odm_

  • CVE-2025-68176Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doe

  • CVE-2025-68172Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp

  • CVE-2025-68168Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on r

  • CVE-2025-40351Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() The syzbot reported issue in hfsplus_delete_cat(): [ 70.682285][ T9333] ===================================================== [ 70.682943][ T93

  • CVE-2025-40349Dec 16, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: hfs: validate record offset in hfsplus_bmap_alloc hfsplus_bmap_alloc can trigger a crash if a record offset or length is larger than node_size [ 15.264282] BUG: KASAN: slab-out-of-bounds in hfsplus_bmap_allo

  • CVE-2025-40345Dec 12, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report val

  • CVE-2025-40343Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() and then nvmet_disable_por

  • CVE-2025-40342Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reco

  • CVE-2025-40331Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address l

  • CVE-2025-40329Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb The Mesa issue referenced below pointed out a possible deadlock: [ 1231.611031] Possible interrupt unsafe locking scenario: [ 1231.611033] CPU0

  • CVE-2025-40328Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_close_cached_fid() find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list_lock is acquired in smb2

Page 14 of 22