suse/kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

Vulnerabilities (2,262)

• CVE-2025-39869Sep 23, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Fix a critical memory allocation bug in edma_setup_from_hw() where queue_priority_map was allocated with insufficient memory. The code decl

• CVE-2025-39866HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in __mark_inode_dirty() An use-after-free issue occurred when __mark_inode_dirty() get the bdi_writeback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-r

• CVE-2025-39865MedSep 19, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in tee_shm_put tee_shm_put have NULL pointer dereference: __optee_disable_shm_cache --> shm = reg_pair_to_ptr(...);//shm maybe return NULL tee_shm_free(shm); --> te

• CVE-2025-39864HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the las

• CVE-2025-39860HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() syzbot reported the splat below without a repro. In the splat, a single thread calling bt_accept_dequeue() freed sk and touched it after that. The

• CVE-2025-39857MedSep 19, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() BUG: kernel NULL pointer dereference, address: 00000000000002ec PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kwor

• CVE-2025-39853HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty list_first_entry() never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory acces

• CVE-2025-39849HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking.

• CVE-2025-39848MedSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25_kiss_rcv() Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d ("net: introduce per netns packet chains"). skb->dev becomes NULL and we crash in __

• CVE-2025-39847MedSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: ppp: fix memory leak in pad_compress_skb If alloc_skb() fails in pad_compress_skb(), it returns NULL without releasing the old skb. The caller does: skb = pad_compress_skb(ppp, skb); if (!skb)

• CVE-2025-39846MedSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to res and used in pci_bus_alloc_resource(). There is a dereference of res in p

• CVE-2025-39845MedSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() Define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure page tables are properly synchronized when calling p*d_popu

• CVE-2025-39844MedSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent me

• CVE-2025-39842MedSep 19, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. There

• CVE-2025-39841HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only t

• CVE-2025-39839HigSep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload head

• CVE-2025-39838MedSep 19, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it unchecked to cifs_strndup_to_u

• CVE-2025-39863Sep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work The brcmf_btcoex_detach() only shuts down the btcoex timer, if the flag timer_on is false. However, the brcmf_btcoex_timerfunc(), whic

• CVE-2025-39861Sep 19, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhci_release(), before associa

• CVE-2025-39859Sep 19, 2025
  affected < 6.4.0-150700.53.25.1fixed 6.4.0-150700.53.25.1

  In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog The ptp_ocp_detach() only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timer_delete_sync()