rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6
Vulnerabilities (421)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-39913 | Hig | 7.8 | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes( | |
| CVE-2025-39890 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Sep 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event Currently, in ath12k_service_ready_ext_event(), svc_rdy_ext.mac_phy_caps is not freed in the failure case, causing a memory leak. The following tr | ||
| CVE-2025-39817 | Hig | 7.1 | < 6.4.0-150600.23.92.1 | 6.4.0-150600.23.92.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 (present on master as well): BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_check_range+0xe8/0x190 | |
| CVE-2025-39813 | Med | 4.7 | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race co | |
| CVE-2025-39829 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already registered WARNING: CPU: 2 PID: 86 | ||
| CVE-2025-39689 | Hig | 7.8 | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Sep 5, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Also allocate and copy hash for reading of filter files Currently the reader of set_ftrace_filter and set_ftrace_notrace just adds the pointer to the global tracer hash to its iterator. Unlike the write | |
| CVE-2025-38728 | Hig | 7.1 | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Sep 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below): BUG: KASA | |
| CVE-2025-38539 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Aug 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum | ||
| CVE-2025-38379 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Jul 25, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2_reconnect_server(), a dummy tcon is passed down to smb2_reconnect() with ->query_interface uninitialized, so we can't call | ||
| CVE-2025-38322 | Med | 5.5 | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Jul 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in icl_update_topdown_event() The perf_fuzzer found a hard-lockup crash on a RaptorLake machine: Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000 CPU: 23 | |
| CVE-2025-38321 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Jul 10, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs() can't move the dentries to a separate list to dput() them once the locks are dropped. This will result in | ||
| CVE-2025-38243 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Jul 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid inode pointer dereferences during log replay In a few places where we call read_one_inode(), if we get a NULL pointer we end up jumping into an error path, or fallthrough in case of __add_ino | ||
| CVE-2025-37861 | — | < 6.4.0-150600.23.92.1 | 6.4.0-150600.23.92.1 | May 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid | ||
| CVE-2025-37813 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | May 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed i | ||
| CVE-2025-22047 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by returning false (and not -1 which is promoted to true). | ||
| CVE-2024-53149 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing | ||
| CVE-2024-53070 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. A | ||
| CVE-2024-42103 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfs_reclaim_bgs_work and adding to the unused list. Since the block | ||
| CVE-2024-38542 | — | < 6.4.0-150600.23.92.1 | 6.4.0-150600.23.92.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: boundary check before installing cq callbacks Add a boundary check inside mana_ib_install_cq_cb to prevent index overflow. | ||
| CVE-2024-26944 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe |
- affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(
- CVE-2025-39890Sep 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event Currently, in ath12k_service_ready_ext_event(), svc_rdy_ext.mac_phy_caps is not freed in the failure case, causing a memory leak. The following tr
- affected < 6.4.0-150600.23.92.1fixed 6.4.0-150600.23.92.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 (present on master as well): BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_check_range+0xe8/0x190
- affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race co
- CVE-2025-39829Sep 16, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already registered WARNING: CPU: 2 PID: 86
- affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Also allocate and copy hash for reading of filter files Currently the reader of set_ftrace_filter and set_ftrace_notrace just adds the pointer to the global tracer hash to its iterator. Unlike the write
- affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below): BUG: KASA
- CVE-2025-38539Aug 16, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum
- CVE-2025-38379Jul 25, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2_reconnect_server(), a dummy tcon is passed down to smb2_reconnect() with ->query_interface uninitialized, so we can't call
- affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in icl_update_topdown_event() The perf_fuzzer found a hard-lockup crash on a RaptorLake machine: Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000 CPU: 23
- CVE-2025-38321Jul 10, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs() can't move the dentries to a separate list to dput() them once the locks are dropped. This will result in
- CVE-2025-38243Jul 9, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid inode pointer dereferences during log replay In a few places where we call read_one_inode(), if we get a NULL pointer we end up jumping into an error path, or fallthrough in case of __add_ino
- CVE-2025-37861May 9, 2025affected < 6.4.0-150600.23.92.1fixed 6.4.0-150600.23.92.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid
- CVE-2025-37813May 8, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed i
- CVE-2025-22047Apr 16, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by returning false (and not -1 which is promoted to true).
- CVE-2024-53149Dec 24, 2024affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing
- CVE-2024-53070Nov 19, 2024affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. A
- CVE-2024-42103Jul 30, 2024affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfs_reclaim_bgs_work and adding to the unused list. Since the block
- CVE-2024-38542Jun 19, 2024affected < 6.4.0-150600.23.92.1fixed 6.4.0-150600.23.92.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: boundary check before installing cq callbacks Add a boundary check inside mana_ib_install_cq_cb to prevent index overflow.
- CVE-2024-26944May 1, 2024affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe
Page 21 of 22