rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7
Vulnerabilities (2,117)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38125 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigge | ||
| CVE-2025-38123 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, i | ||
| CVE-2025-38122 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer. | ||
| CVE-2025-38120 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early | ||
| CVE-2025-38119 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter function can only succeed if UFSHCD_EH_IN_PROGRESS is not set because resuming involves sub | ||
| CVE-2025-38118 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add to avoid crashes like bellow: ================================================== | ||
| CVE-2025-38117 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmt_pending list with its own lock This uses a mutex to protect from concurrent access of mgmt_pending list which can cause crashes like: ============================================= | ||
| CVE-2025-38115 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: fix a potential crash on gso_skb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch->q.len can be inflated by packets in | ||
| CVE-2025-38114 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancel_work_sync to avoid deadlock Previously, e1000_down called cancel_work_sync for the e1000 reset task (via e1000_down_and_stop), which takes RTNL. As reported by users and syzbot, a deadlock i | ||
| CVE-2025-38113 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these | ||
| CVE-2025-38112 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap. After the last sk_psock_put() (which usually happens when socket is removed from | ||
| CVE-2025-38110 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t | ||
| CVE-2025-38109 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop | ||
| CVE-2025-38108 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a race condition in RED, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU | ||
| CVE-2025-38107 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 | ||
| CVE-2025-38106 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU: | ||
| CVE-2025-38105 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat | ||
| CVE-2025-38103 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Update struct hid_descriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note | ||
| CVE-2025-38102 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify During our test, it is found that a warning can be trigger in try_grab_folio as follow: ------------[ cut here ]------------ WARNING: | ||
| CVE-2025-38099 | — | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken A SCO connection without the proper voice_setting can cause the controller to lock up. |
- CVE-2025-38125Jul 3, 2025affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigge
- CVE-2025-38123Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix napi rx poll issue When driver handles the napi rx polling requests, the netdev might have been released by the dellink logic triggered by the disconnect operation on user plane. However, i
- CVE-2025-38122Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO gve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo() did not check for this case before dereferencing the returned pointer.
- CVE-2025-38120Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo_avx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early
- CVE-2025-38119Jul 3, 2025affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter function can only succeed if UFSHCD_EH_IN_PROGRESS is not set because resuming involves sub
- CVE-2025-38118Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add to avoid crashes like bellow: ==================================================
- CVE-2025-38117Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmt_pending list with its own lock This uses a mutex to protect from concurrent access of mgmt_pending list which can cause crashes like: =============================================
- CVE-2025-38115Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: fix a potential crash on gso_skb handling SFQ has an assumption of always being able to queue at least one packet. However, after the blamed commit, sch->q.len can be inflated by packets in
- CVE-2025-38114Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancel_work_sync to avoid deadlock Previously, e1000_down called cancel_work_sync for the e1000 reset task (via e1000_down_and_stop), which takes RTNL. As reported by users and syzbot, a deadlock i
- CVE-2025-38113Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these
- CVE-2025-38112Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap. After the last sk_psock_put() (which usually happens when socket is removed from
- CVE-2025-38110Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t
- CVE-2025-38109Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop
- CVE-2025-38108Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a race condition in RED, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU
- CVE-2025-38107Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0
- CVE-2025-38106Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU:
- CVE-2025-38105Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat
- CVE-2025-38103Jul 3, 2025affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Update struct hid_descriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note
- CVE-2025-38102Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify During our test, it is found that a warning can be trigger in try_grab_folio as follow: ------------[ cut here ]------------ WARNING:
- CVE-2025-38099Jul 3, 2025affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken A SCO connection without the proper voice_setting can cause the controller to lock up.
Page 74 of 106