VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2025-39946CriOct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner,

  • CVE-2025-39944HigOct 4, 2025
    affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() The original code relies on cancel_delayed_work() in otx2_ptp_destroy(), which does not ensure that the delayed work item synctstamp_work has fully co

  • CVE-2025-39931MedOct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next e

  • CVE-2025-39952Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: avoid buffer overflow in WID string configuration Fix the following copy overflow warning identified by Smatch checker. drivers/net/wireless/microchip/wilc1000/wlan_cfg.c:184 wilc_wlan_parse_r

  • CVE-2025-39949Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: qed: Don't collect too many protection override GRC elements In the protection override dump path, the firmware can return far too many GRC elements, resulting in attempting to write past the end of the previou

  • CVE-2025-39948Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The ice_put_rx_mbuf() function handles calling ice_put_rx_buf() for each buffer in the current frame. This function was introduced as part of handling multi-buffer X

  • CVE-2025-39945Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task The original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(), which does not guarantee that the delayed work item 'delete_task' has fully completed i

  • CVE-2025-39938Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed If earlier opening of source graph fails (e.g. ADSP rejects due to incorrect audioreach topology), the graph is closed and "dai_

  • CVE-2025-39937Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda ("net: rfkill: gpio: get the name and type from device property") rfkill_find_type() gets called with the poss

  • CVE-2025-39934Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ If the interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data such as the I2C t

  • CVE-2023-53528MedOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If create_qp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a s

  • CVE-2023-53526MedOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh->b_transaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2_journal_commit_transaction __jbd2_journal_insert_checkpoint(jh, commit_transaction) /

  • CVE-2023-53523MedOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: fix time stamp counter initialization If the gs_usb device driver is unloaded (or unbound) before the interface is shut down, the USB stack first calls the struct usb_driver::disconnect and then th

  • CVE-2023-53520MedOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the call trace: <4>[102152.

  • CVE-2023-53519MedOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with function: v4l2_m2m_num_s

  • CVE-2023-53516HigOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute named IFLA_MACVLAN_BC_CUTOFF

  • CVE-2023-53515HigOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devr

  • CVE-2023-53510HigOct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a

  • CVE-2023-53531Oct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: null_blk: fix poll request timeout handling When doing io_uring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. [1] BUG: kernel NULL pointer de

  • CVE-2023-53530Oct 1, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete localhost kernel: BUG: using

Page 39 of 106