rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7
Vulnerabilities (2,117)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40051 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modify the return value check The return value of copy_from_iter and copy_to_iter can't be negative, check whether the copied lengths are equal. | ||
| CVE-2025-40049 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval | ||
| CVE-2025-40048 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us | ||
| CVE-2025-40047 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait() For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, | ||
| CVE-2025-40044 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m | ||
| CVE-2025-40043 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Add parameter validation for packet data Syzbot reported an uninitialized value bug in nci_init_req, which was introduced by commit 5aca7966d2a7 ("Merge tag 'perf-tools-fixes-for-v6.17-2025-09-16 | ||
| CVE-2025-40042 | — | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11 | ||
| CVE-2025-40038 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM mus | ||
| CVE-2025-40037 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefb_detach_genpds() The pm_domain cleanup can not be devres managed as it uses struct simplefb_par which is allocated within struct fb_info by framebuffer_alloc(). Th | ||
| CVE-2025-40036 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args copy_to_user() failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix th | ||
| CVE-2025-40035 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole aft | ||
| CVE-2025-40033 | — | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL check, which could lead to a null pointer dereference. Mov | ||
| CVE-2025-40032 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be NULL even after EPF initialization. Then it is prudent to che | ||
| CVE-2025-40030 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux | ||
| CVE-2025-40029 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check return value of platform_get_resource() platform_get_resource() returns NULL in case of failure, so check its return value and propagate the error in order to prevent NULL pointer dereference | ||
| CVE-2025-40082 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290 | ||
| CVE-2025-40040 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise syzkaller discovered the following crash: (kernel BUG) [ 44.607039] ------------[ cut here ]------------ [ 44.607422] kernel BUG at mm/userfaultfd.c:2067! | ||
| CVE-2025-40027 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9_fd_cancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: | ||
| CVE-2025-40024 | — | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in struct vhost_task. vhost_task_create() creates a task and keeps a reference to its task_struct. That task may exit early via a signal and its task_struct will be released. | ||
| CVE-2025-40021 | — | < 6.4.0-150700.20.21.1 | 6.4.0-150700.20.21.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it should also check the lockdown status and reject if i |
- CVE-2025-40051Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modify the return value check The return value of copy_from_iter and copy_to_iter can't be negative, check whether the copied lengths are equal.
- CVE-2025-40049Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval
- CVE-2025-40048Oct 28, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us
- CVE-2025-40047Oct 28, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait() For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress,
- CVE-2025-40044Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m
- CVE-2025-40043Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Add parameter validation for packet data Syzbot reported an uninitialized value bug in nci_init_req, which was introduced by commit 5aca7966d2a7 ("Merge tag 'perf-tools-fixes-for-v6.17-2025-09-16
- CVE-2025-40042Oct 28, 2025affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11
- CVE-2025-40038Oct 28, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM mus
- CVE-2025-40037Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefb_detach_genpds() The pm_domain cleanup can not be devres managed as it uses struct simplefb_par which is allocated within struct fb_info by framebuffer_alloc(). Th
- CVE-2025-40036Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args copy_to_user() failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix th
- CVE-2025-40035Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole aft
- CVE-2025-40033Oct 28, 2025affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL check, which could lead to a null pointer dereference. Mov
- CVE-2025-40032Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be NULL even after EPF initialization. Then it is prudent to che
- CVE-2025-40030Oct 28, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux
- CVE-2025-40029Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check return value of platform_get_resource() platform_get_resource() returns NULL in case of failure, so check its return value and propagate the error in order to prevent NULL pointer dereference
- CVE-2025-40082Oct 28, 2025affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290
- CVE-2025-40040Oct 28, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise syzkaller discovered the following crash: (kernel BUG) [ 44.607039] ------------[ cut here ]------------ [ 44.607422] kernel BUG at mm/userfaultfd.c:2067!
- CVE-2025-40027Oct 28, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9_fd_cancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN:
- CVE-2025-40024Oct 24, 2025affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in struct vhost_task. vhost_task_create() creates a task and keeps a reference to its task_struct. That task may exit early via a signal and its task_struct will be released.
- CVE-2025-40021Oct 24, 2025affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1
In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it should also check the lockdown status and reject if i
Page 31 of 106