suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Vulnerabilities (1,794)

• CVE-2025-38498MedJul 30, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

• CVE-2025-38477MedJul 28, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, q

• CVE-2025-38470MedJul 28, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the

• CVE-2025-38468MedJul 28, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default

• CVE-2025-38495Jul 28, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated b

• CVE-2025-38494Jul 28, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those

• CVE-2025-38488Jul 28, 2025
  affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However

• CVE-2025-38474Jul 28, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission.

• CVE-2025-38473Jul 28, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() syzbot reported null-ptr-deref in l2cap_sock_resume_cb(). [0] l2cap_sock_resume_cb() has a similar problem that was fixed by commit 1bff51ea59a9 ("Blueto

• CVE-2025-38465MedJul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk->sk_rmem_alloc. Netlink has this pattern in some places if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf) atomic_add(skb->truesize, &sk->sk_rmem_alloc); , which has the

• CVE-2025-38457MedJul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort __tc_modify_qdisc if parent class does not exist Lion's patch [1] revealed an ancient bug in the qdisc API. Whenever a user creates/modifies a qdisc specifying as a parent another qdisc, the qd

• CVE-2025-38464Jul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_

• CVE-2025-38460Jul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in to_atmarpd(). atmarpd is protected by RTNL since commit f3a0592b37b8 ("[ATM]: clip causes unregister hang"). However, it is not enough because to_atmarpd() is called

• CVE-2025-38449Jul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer

• CVE-2025-38436MedJul 25, 2025
  affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1

  In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drm_sched_entity_kill() removes all jobs belonging to that entity through drm_sched_entity_kill_jobs_work(). If a

• CVE-2025-38430MedJul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check

• CVE-2025-38424Jul 25, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs do_exit() Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access MMIO in bad ways. The crash further shows per

• CVE-2025-38420Jul 25, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports [1, 2] crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass

• CVE-2025-38415Jul 25, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfs_bio_read" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, is

• CVE-2025-38403Jul 25, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left i