rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
Vulnerabilities (2,262)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21763 | Hig | 7.8 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. |
| CVE-2025-21762 | Hig | 7.8 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. |
| CVE-2025-21761 | Hig | 7.8 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF. |
| CVE-2025-21760 | Hig | 7.8 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF. |
| CVE-2025-21758 | Med | 5.5 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation |
| CVE-2025-21753 | Hig | 7.8 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a |
| CVE-2025-21739 | Hig | 7.8 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devm_blk_crypto_profile_init() registers a cleanup handler to run when the associated (platform-) device is being released. For UFS, the crypto |
| CVE-2024-58020 | Med | 5.5 | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure, but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure |
| CVE-2025-21792 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SO_BINDTODEVICE socket option, a refcount leak will occur in ax25_release(). Commit 9fd75 |
| CVE-2025-21782 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write... several people suggested fixes, I tested Al Viro's suggestion and made this patch. |
| CVE-2025-21770 | — | | | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopf_queue_remove_device() The iopf_queue_remove_device() helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstan |
| CVE-2025-21768 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwt |
| CVE-2025-21759 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note |
| CVE-2024-54458 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) |
| CVE-2024-49570 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event. Fix th |
| CVE-2024-58019 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total s |
| CVE-2024-58018 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535_gsp_cmdq_push() waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one availab |
| CVE-2024-58015 | — | | | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible ou |
| CVE-2024-58004 | — | | | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: remove cpu latency qos request on error Fix cpu latency qos list corruption like below. It happens when we do not remove cpu latency request on error path and free corresponding memory. [ |
| CVE-2024-58001 | — | | | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;-) So I've redone it as ind |