suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

Vulnerabilities (2,117)

• CVE-2025-38472Jul 28, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrack entry from the hash bucket list: [exception RIP: __nf_ct_delet

• CVE-2025-38466MedJul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the re

• CVE-2025-38465MedJul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk->sk_rmem_alloc. Netlink has this pattern in some places if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf) atomic_add(skb->truesize, &sk->sk_rmem_alloc); , which has the

• CVE-2025-38457MedJul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort __tc_modify_qdisc if parent class does not exist Lion's patch [1] revealed an ancient bug in the qdisc API. Whenever a user creates/modifies a qdisc specifying as a parent another qdisc, the qd

• CVE-2025-38467Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling If there's support for another console device (such as a TTY serial), the kernel occasionally panics during boot. The panic message and a relevant

• CVE-2025-38464Jul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_

• CVE-2025-38463Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug [1] where sk->sk_forward_alloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel w

• CVE-2025-38462Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_{g2h,h2g} TOCTOU vsock_find_cid() and vsock_dev_do_ioctl() may race with module unload. transport_{g2h,h2g} may become NULL after the NULL check. Introduce vsock_transport_local_cid() to p

• CVE-2025-38461Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transport from becoming a stale pointer. This also takes care of an insecure call in vsock_use_local_transport(); add

• CVE-2025-38460Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in to_atmarpd(). atmarpd is protected by RTNL since commit f3a0592b37b8 ("[ATM]: clip causes unregister hang"). However, it is not enough because to_atmarpd() is called

• CVE-2025-38459Jul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clip_push(). syzbot reported the splat below. [0] This happens if we call ioctl(ATMARP_MKIP) more than once. During the first call, clip_mkip() sets clip_push() to vc

• CVE-2025-38458Jul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() atmarpd_dev_ops does not implement the send method, which may cause crash as bellow. BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD

• CVE-2025-38456Jul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() The "intf" list iterator is an invalid pointer if the correct "intf->intf_num" is not found. Calling atomic_dec(&intf->nr_users) on and in

• CVE-2025-38455Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight Reject migration of SEV{-ES} state if either the source or destination VM is actively creating a vCPU, i.e. if kvm_vm_ioctl_create_vc

• CVE-2025-38453Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU syzbot reports that defer/local task_work adding via msg_ring can hit a request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354

• CVE-2025-38449Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer

• CVE-2025-38448Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fix race condition in TTY wakeup A race condition occurs when gs_start_io() calls either gs_start_rx() or gs_start_tx(), as those functions briefly drop the port_lock for usb_ep_queue().

• CVE-2025-38445Jul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointin

• CVE-2025-38444Jul 25, 2025
  affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

  In the Linux kernel, the following vulnerability has been resolved: raid10: cleanup memleak at raid10_make_request If raid10_read_request or raid10_write_request registers a new request and the REQ_NOWAIT flag is set, the code does not free the malloc from the mempool. unrefer

• CVE-2025-38443Jul 25, 2025
  affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

  In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_genl_connect() error path There is a use-after-free issue in nbd: block nbd6: Receive control failed (result -104) block nbd6: shutting down sockets ========================================