suse/kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

Vulnerabilities (2,262)

• CVE-2025-40300MedSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already

• CVE-2025-39790HigSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the T

• CVE-2025-39788HigSep 11, 2025
  affected < 6.4.0-150700.53.25.1fixed 6.4.0-150700.53.25.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE On Google gs101, the number of UTP transfer request slots (nutrs) is 32, and in this case the driver ends up programming the UTRL_NEXUS_TYPE incorrectly

• CVE-2025-39787MedSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate

• CVE-2025-39783HigSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a list_del() on the epf_group field of struct pci_epf_driver in pci_epf_remove_cfs() is not correct as this field is a list head, not a list entry. Thi

• CVE-2025-39782MedSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list() periodically release j_list_lock after processing a batch of buffers to avoid long ho

• CVE-2025-39773MedSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If the time is smaller than

• CVE-2025-39772MedSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmc_unload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. J

• CVE-2025-39770MedSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM When performing Generic Segmentation Offload (GSO) on an IPv6 packet that contains extension headers, the kernel incorrectly requests che

• CVE-2025-39766HigSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit The following setup can trigger a WARNING in htb_activate due to the condition: !cl->leaf.q->q.qlen tc qdisc del dev lo root tc qdisc add

• CVE-2025-39764MedSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hin

• CVE-2025-39760HigSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usb_parse_ss_endpoint_companion() checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this

• CVE-2025-39759HigSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix race between quota disable and quota rescan ioctl There's a race between a task disabling quotas and another running the rescan ioctl that can result in a use-after-free of qgroup records fro

• CVE-2025-39757HigSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer s

• CVE-2025-39756MedSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INT_MAX When sysctl_nr_open is set to a very high value (for example, 1073741816 as set by systemd), processes attempting to use file descriptors near the

• CVE-2025-39749HigSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: rcu: Protect ->defer_qs_iw_pending from data race On kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is invoked within an interrupts-disabled region of code [1], it will invoke rcu_read_unlock_spec

• CVE-2025-39748MedSep 11, 2025
  affected < 6.4.0-150700.53.34.1fixed 6.4.0-150700.53.34.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Forget ranges when refining tnum after JSET Syzbot reported a kernel warning due to a range invariant violation on the following BPF program. 0: call bpf_get_netns_cookie 1: if r0 == 0 goto 2

• CVE-2025-39743HigSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGR_RESERVED_I. When executing evict, its hard link number is 0, so its inode pages are

• CVE-2025-39742MedSep 11, 2025
  affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divi

• CVE-2025-39738HigSep 11, 2025
  affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: do not allow relocation of partially dropped subvolumes [BUG] There is an internal report that balance triggered transaction abort, with the following call trace: item 85 key (594509824 169 0) itemoff