suse/kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

Vulnerabilities (2,843)

• CVE-2025-38200Jul 4, 2025
  affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

  In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde

• CVE-2025-38184Jul 4, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun tipc: Started i

• CVE-2025-38181Jul 4, 2025
  affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

  In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_

• CVE-2025-38180Jul 4, 2025
  affected < 5.14.21-150400.24.176.1fixed 5.14.21-150400.24.176.1

  In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.

• CVE-2025-38177Jul 4, 2025
  affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

  In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca

• CVE-2025-38111HigJul 3, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of

• CVE-2025-38159Jul 3, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes:

• CVE-2025-38129Jul 3, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of

• CVE-2025-38120Jul 3, 2025
  affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early

• CVE-2025-38088Jun 30, 2025
  affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the

• CVE-2025-38085Jun 28, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table us

• CVE-2025-38084Jun 28, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VMA lock and rmap locks are take

• CVE-2025-38083MedJun 20, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU

• CVE-2022-50116MedJun 18, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. T

• CVE-2022-50073MedJun 18, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tap_get_user calls virtio_net_hdr_to_skb the skb->dev is nu

• CVE-2022-50232Jun 18, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables [ This issue was fixed upstream by accident in c3cee924bd85 ("arm64: head: cover entire kernel image in initial ID map") as part of a large refactoring of the arm64 boo

• CVE-2022-50231Jun 18, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/poly1305 - fix a read out-of-bound A kasan error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon] Read of size 4 at addr

• CVE-2022-50229Jun 18, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in snd_card_register() at probe time, it will free the 'bcd2k->midi_out_urb' before killing it, which may cause a UAF bug. The fo

• CVE-2022-50228Jun 18, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVM_SET_VCPU_EVENTS (

• CVE-2022-50226Jun 18, 2025
  affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

  In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data t