VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2023-53997Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone parameters structure"), thermal_zone_device_register() allocates a copy of the tzp argum

  • CVE-2023-53996Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make enc_dec_hypercall() accept a size instead of npages enc_dec_hypercall() accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused p

  • CVE-2023-53995Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0

  • CVE-2023-53994Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: ionic: remove WARN_ON to prevent panic_on_warn Remove unnecessary early code development check and the WARN_ON that it uses. The irq alloc and free paths have long been cleaned up and this check shouldn't have

  • CVE-2023-53992Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check.

  • CVE-2023-53989Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check Both create_mapping_noalloc() and update_mapping_prot() sanity-check their 'virt' parameter, but the check itself doesn't make much sense. The condition used today appears t

  • CVE-2025-68725Dec 24, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skb_warn_bad_offload() from netif_skb_features() -> gso_features_check(). When

  • CVE-2025-68365Dec 24, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfs_read_hdr (3) - KMSAN: uninit-value in bcmp (3) Memory is allocated by __ge

  • CVE-2025-68351Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix refcount leak in exfat_find Fix refcount leaks in `exfat_find` related to `exfat_get_dentry_set`. Function `exfat_get_dentry_set` would increase the reference counter of `es->bh` on success. Therefo

  • CVE-2025-68339Dec 23, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_open() Protect access to fore200e->available_cell_rate with rate_mtx lock in the error handling path of fore200e_open() to prevent a data race. The field fore20

  • CVE-2025-68340Dec 23, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of team_port_add Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device header_ops. In the case of the s

  • CVE-2025-68337Dec 22, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted There's issue when file system corrupted: ------------[ cut here ]------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: i

  • CVE-2025-68335Dec 22, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() Syzbot identified an issue [1] in pcl818_ai_cancel(), which stems from the fact that in case of early device detach via pcl818_detach(), subdevice dev->r

  • CVE-2025-68332Dec 22, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistration The Comedi low-level driver "c6xdigio" seems to be for a parallel port connected device. When the Comedi core calls the driver's Comedi "attach" handler

  • CVE-2025-68331Dec 22, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cau

  • CVE-2025-68330Dec 22, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fix irq assumption regression The code in bmc150-accel-core.c unconditionally calls bmc150_accel_set_interrupt() in the iio_buffer_setup_ops, such as on the runtime PM resume path giving a k

  • CVE-2025-68328Dec 22, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platform_set_drvdata and dev_set_drvdata. They both are of the same data and overrides each other. This resulted in the rmmo

  • CVE-2025-68327Dec 22, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Fix synchronous external abort on unbind A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: modprobe usb_f

  • CVE-2025-68325Dec 18, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop In cake_drop(), qdisc_tree_reduce_backlog() is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cake_enqueue(), assumes that

  • CVE-2025-68320Dec 16, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invalid context at kernel/locking/mutex.c:575 in_atomic

Page 15 of 106