VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2025-38382Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix iteration of extrefs during log replay At __inode_add_ref() when processing extrefs, if we jump into the next label we have an undefined value of victim_name.len, since we haven't initialized it befo

  • CVE-2025-38379Jul 25, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2_reconnect_server(), a dummy tcon is passed down to smb2_reconnect() with ->query_interface uninitialized, so we can't call

  • CVE-2025-38377Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: rose: fix dangling neighbour pointers in rose_rt_device_down() There are two bugs in rose_rt_device_down() that can cause use-after-free: 1. The loop bound `t->count` is modified within the loop, which can

  • CVE-2025-38376Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer ove

  • CVE-2025-38375Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring, we forget to check the received length with the true allocate size.

  • CVE-2025-38373Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix potential deadlock in MR deregistration The issue arises when kzalloc() is invoked while holding umem_mutex or any other lock acquired under umem_mutex. This is problematic because kzalloc() can tr

  • CVE-2025-38371Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereference in an interrupt context as shown in the

  • CVE-2025-38369Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic wh

  • CVE-2025-38365Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a race between renames and directory logging We have a race between a rename and directory inode logging that if it happens and we crash/power fail before the rename completes, the next time the file

  • CVE-2025-38363Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix a possible null pointer dereference In tegra_crtc_reset(), new memory is allocated with kzalloc(), but no check is performed. Before calling __drm_atomic_helper_crtc_reset, state should be checke

  • CVE-2025-38362Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the function get_first_active_display(), but does not check its return value. The ret

  • CVE-2025-38361Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dce_hwseq before dereferencing it [WHAT] hws was checked for null earlier in dce110_blank_stream, indicating hws can be null, and should be checked whenever it is used. (cherry picked f

  • CVE-2025-38360Jul 25, 2025
    affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees [WHY] For non-zero DSC instances it's possible that the HUBP domain required to drive it for sequential ONO ASICs isn't met, potentially causing th

  • CVE-2025-38359Jul 25, 2025
    affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1

    In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix in_atomic() handling in do_secure_storage_access() Kernel user spaces accesses to not exported pages in atomic context incorrectly try to resolve the page fault. With debug options enabled call tra

  • CVE-2025-38356Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Explicitly exit CT safe mode on unwind During driver probe we might be briefly using CT safe mode, which is based on a delayed work, but usually we are able to stop this once we have IRQ fully opera

  • CVE-2025-38355Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt->wq that we use to complete asynchronous removal of some GGTT nodes, this happends as p

  • CVE-2025-38354Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling GPU immediately during boot There is a small chance that the GPU is already hot during boot. In that case, the call to of_devfreq_cooling_register() will immediately try t

  • CVE-2025-38353Jul 25, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It

  • CVE-2025-38352KEVJul 22, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be

  • CVE-2025-38351Jul 19, 2025
    affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX allow

Page 66 of 106