VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (2,262)

  • CVE-2025-38114Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancel_work_sync to avoid deadlock Previously, e1000_down called cancel_work_sync for the e1000 reset task (via e1000_down_and_stop), which takes RTNL. As reported by users and syzbot, a deadlock i

  • CVE-2025-38113Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these

  • CVE-2025-38112Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap. After the last sk_psock_put() (which usually happens when socket is removed from

  • CVE-2025-38110Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t

  • CVE-2025-38109Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop

  • CVE-2025-38108Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a race condition in RED, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU

  • CVE-2025-38107Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0

  • CVE-2025-38106Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU:

  • CVE-2025-38105Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat

  • CVE-2025-38103Jul 3, 2025
    affected < 6.4.0-150700.53.16.1fixed 6.4.0-150700.53.16.1

    In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Update struct hid_descriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note

  • CVE-2025-38102Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify During our test, it is found that a warning can be trigger in try_grab_folio as follow: ------------[ cut here ]------------ WARNING:

  • CVE-2025-38099Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken A SCO connection without the proper voice_setting can cause the controller to lock up.

  • CVE-2025-38098Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink Don't try to operate on a drm_wb_connector as an amdgpu_dm_connector. While dereferencing aconnector->base will "work" it

  • CVE-2025-38097Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrm_state ->

  • CVE-2025-38095Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating num_fences smp_store_mb() inserts memory barrier after storing operation. It is different with what the comment is originally aiming so Null pointer dereference ca

  • CVE-2025-38094Jul 3, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. There is a situation where after THALT is set high, TGO stays high as well. Because jiffies are never updated, as we are in a context with interrupts

  • CVE-2025-38091Jul 2, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get plane_id [Why & How] Fix a false positive warning which occurs due to lack of correct checks when querying plane_id in DML21. This fixes the warning when pe

  • CVE-2025-38090Jun 30, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() -> riocm_ch_send() cm_chan_msg_send() checks that userspace didn't send too much

  • CVE-2025-38089Jun 30, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC rep

  • CVE-2025-38088Jun 30, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the

Page 82 of 114