suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

Vulnerabilities (2,117)

• CVE-2025-39846MedSep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() In __iodyn_find_io_region(), pcmcia_make_resource() is assigned to res and used in pci_bus_alloc_resource(). There is a dereference of res in p

• CVE-2025-39845MedSep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() Define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure page tables are properly synchronized when calling p*d_popu

• CVE-2025-39844MedSep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent me

• CVE-2025-39842MedSep 19, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already been executed in ocfs2_dismount_volume(), so osb->journal must be NULL. There

• CVE-2025-39841HigSep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only t

• CVE-2025-39839HigSep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_packet), reducing payload head

• CVE-2025-39838MedSep 19, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it unchecked to cifs_strndup_to_u

• CVE-2025-39863Sep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work The brcmf_btcoex_detach() only shuts down the btcoex timer, if the flag timer_on is false. However, the brcmf_btcoex_timerfunc(), whic

• CVE-2025-39861Sep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhci_release(), before associa

• CVE-2025-39859Sep 19, 2025
  affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1

  In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog The ptp_ocp_detach() only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timer_delete_sync()

• CVE-2025-39854Sep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ll_ts_intr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low

• CVE-2025-39851Sep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object VXLAN FDB entries can point to either a remote destination or an FDB nexthop group. The latter is usually used in EVPN deployments where learnin

• CVE-2025-39850Sep 19, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is abl

• CVE-2023-53424MedSep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix of_iomap memory leak Smatch reports: drivers/clk/mediatek/clk-mtk.c:583 mtk_clk_simple_probe() warn: 'base' from of_iomap() not released on lines: 496. This problem was also found in lin

• CVE-2023-53421MedSep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq structure with the associated blkg_iostat_set's, there are 2 fields within blkg_iostat

• CVE-2023-53447Sep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] PREEMPT SMP KASAN RIP: 001

• CVE-2023-53446Sep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci_dev of function 0. Previously we retained that pointer when removing function 0

• CVE-2023-53444Sep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thus moving it to the tail) will corrupt the list since the first pointer is not mov

• CVE-2023-53442Sep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ i

• CVE-2023-53441Sep 18, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 (size 192): comm "syz-executor.3", pid 17672, jiffies