VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2025-38157Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-z

  • CVE-2025-38155Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7915_mmio_wed_init() does not check for this case, which results in a NULL pointer dereference

  • CVE-2025-38154Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sk_socket after free when sending The sk->sk_socket is not locked or referenced in backlog thread, and during the call to skb_send_sock(), there is a race condition with the release of

  • CVE-2025-38153Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error (see report [1]) in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This p

  • CVE-2025-38151Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work The cited commit fixed a crash when cma_netevent_callback was called for a cma_id while work on that id from a previous call had not yet started

  • CVE-2025-38149Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the link is deleted There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach() calls device_link_del() t

  • CVE-2025-38148Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the

  • CVE-2025-38147Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AF_INET sk. syzkaller reported a null-ptr-deref in txopt_get(). [0] The offset 0x70 was of struct ipv6_txoptions in struct ipv6_pinfo, so struct ipv6_pinfo was NULL th

  • CVE-2025-38146Jul 3, 2025
    affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, so

  • CVE-2025-38145Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() devm_kasprintf() returns NULL when memory allocation fails. Currently, aspeed_lpc_enable_snoop() does not check for this case, which results in a NULL po

  • CVE-2025-38143Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wled_configure() devm_kasprintf() returns NULL when memory allocation fails. Currently, wled_configure() does not check for this case, which results in a NULL pointer derefe

  • CVE-2025-38142Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (asus-ec-sensors) check sensor index in read_string() Prevent a potential invalid memory access when the requested sensor is not found. find_ec_sensor_index() may return a negative value (e.g. -ENOENT),

  • CVE-2025-38138Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Add NULL check in udma_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, udma_probe() does not check for this case, which results in a NULL pointer dereference. Add

  • CVE-2025-38136Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Reorder clock handling and power management in probe Reorder the initialization sequence in `usbhs_probe()` to enable runtime PM before accessing registers, preventing potential crashes due

  • CVE-2025-38135Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: serial: Fix potential null-ptr-deref in mlb_usio_probe() devm_ioremap() can return NULL on error. Currently, mlb_usio_probe() does not check for this case, which could result in a NULL pointer dereference. Add

  • CVE-2025-38132Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 (perf enable)

  • CVE-2025-38131Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfg_csdev_enable_active_config(), active config could be deactivated via configfs' sysfs interface. This co

  • CVE-2025-38129Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of

  • CVE-2025-38127Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue number. In

  • CVE-2025-38126Jul 3, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping The stmmac platform drivers that do not open-code the clk_ptp_rate value after having retrieved the default one from the device-tree

Page 73 of 106