VYPR

rpm package

suse/kernel-obs-build&distro=SUSE Linux Enterprise Module for Development Tools 15 SP6

pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6

Vulnerabilities (3,752)

  • CVE-2025-38312MedJul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() In fb_find_mode_cvt(), iff mode->refresh somehow happens to be 0x80000000, cvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's

  • CVE-2025-38303MedJul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eir_create_adv_data eir_create_adv_data may attempt to add EIR_FLAGS and EIR_TX_POWER without checking if that would fit.

  • CVE-2025-38348Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eeprom_readback message with a

  • CVE-2025-38345Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination o

  • CVE-2025-38344Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a

  • CVE-2025-38343Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses

  • CVE-2025-38338Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could deadlock because folio_unlock() was called twi

  • CVE-2025-38337Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it.

  • CVE-2025-38336Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device atta

  • CVE-2025-38335Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in hard irq context, but the input_event() takes a spin_lock, which isn't allowed th

  • CVE-2025-38334Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary storage. SGX instructions do not gracefully handle machine checks. Despite this, th

  • CVE-2025-38332Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway

  • CVE-2025-38328Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2_prealloc_raw_node_refs() result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2_prealloc_raw_node_refs() completed successfully.

  • CVE-2025-38326Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: aoe: clean device rq_list in aoedev_downdev() An aoe device's rq_list contains accepted block requests that are waiting to be transmitted to the aoe target. This queue was added as part of the conversion to blk

  • CVE-2025-38323Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and found an error path in lecd_attach() could leave a dangling pointer in dev_lec[]. Add a mutex to protect dev_lecp[] uses from lecd_attach(), l

  • CVE-2025-38319Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table The function atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() does not check the return value

  • CVE-2025-38313Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the deallocations are done but, in the process, introduced a double-free on the mc_dev variable. In case the MC device is a DPRC,

  • CVE-2025-38310Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: seg6: Fix validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified length. This can lead to the kernel reading uninitialized m

  • CVE-2025-38307Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parse_int_array() The first element of the returned array stores its length. If it is 0, any manipulation beyond the element at index 0 ends with null-ptr-deref.

  • CVE-2025-38305Jul 10, 2025
    affected < 6.4.0-150600.23.65.1fixed 6.4.0-150600.23.65.1

    In the Linux kernel, the following vulnerability has been resolved: ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() There is no disagreement that we should check both ptp->is_virtual_clock and ptp->n_vclocks to check if the ptp virtual clock is in use. However, w

Page 38 of 188