rpm package
suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7
Vulnerabilities (2,117)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-58093 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free"), we would free the ASPM link only after the l | ||
| CVE-2023-53034 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and size. This would make xlate_pos negative. [ 23.734156] switcht | ||
| CVE-2025-22023 | — | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped") in v6.11, the driver didn't skip missed isochronous T | ||
| CVE-2025-22022 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Erro | ||
| CVE-2025-22021 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket (if any). | ||
| CVE-2025-22020 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt | ||
| CVE-2025-22018 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holding_time are NULL. Because there is only for the situ | ||
| CVE-2025-22017 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: devlink: fix xa_alloc_cyclic() error handling In case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will be returned, which will cause IS_ERR() to be false. Which can lead to dereference not alloc | ||
| CVE-2025-22016 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: dpll: fix xa_alloc_cyclic() error handling In case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will be returned, which will cause IS_ERR() to be false. Which can lead to dereference not allocate | ||
| CVE-2025-22015 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/migrate: fix shmem xarray update during migration A shmem folio can be either in page cache or in swap cache, but not at the same time. Namely, once it is in swap cache, folio->mapping should be NULL, and t | ||
| CVE-2025-22014 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdr_add_lookup() to add the look up for the service and does schedule locator work, later a process B got a new server packet indicatin | ||
| CVE-2025-22013 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: * Host SVE being discarded unexpectedly du | ||
| CVE-2025-22010 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer (e.g. MR over 100GB) is being allocated, it may require a c | ||
| CVE-2025-22009 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous probing Sometimes I get a NULL pointer dereference at boot time in kobject_get() with the following call stack: anatop_regulator_probe() devm_regulator_register() regulat | ||
| CVE-2025-22008 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: check that dummy regulator has been probed before using it Due to asynchronous driver probing there is a chance that the dummy regulator hasn't already been probed when first accessing it. | ||
| CVE-2025-22007 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chan_alloc_skb_cb() The chan_alloc_skb_cb() function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference. | ||
| CVE-2025-22005 | — | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). fib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything when it fails. Commit 7dd73168e273 ("ipv6: Always allocate pcpu memory in | ||
| CVE-2025-22004 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free. | ||
| CVE-2025-22003 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix out of bound read in strscpy() source Commit 7fdaf8966aae ("can: ucan: use strscpy() to instead of strncpy()") unintentionally introduced a one byte out of bound read on strscpy()'s source argume | ||
| CVE-2025-22001 | — | < 6.4.0-150700.20.3.1 | 6.4.0-150700.20.3.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req() These are u64 variables that come from the user via qaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that the math doesn't have an intege |
- CVE-2024-58093Apr 16, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free"), we would free the ASPM link only after the l
- CVE-2023-53034Apr 16, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and size. This would make xlate_pos negative. [ 23.734156] switcht
- CVE-2025-22023Apr 16, 2025affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped") in v6.11, the driver didn't skip missed isochronous T
- CVE-2025-22022Apr 16, 2025affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Erro
- CVE-2025-22021Apr 16, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket (if any).
- CVE-2025-22020Apr 16, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt
- CVE-2025-22018Apr 16, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOA_cache_impos_rcvd() receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holding_time are NULL. Because there is only for the situ
- CVE-2025-22017Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: devlink: fix xa_alloc_cyclic() error handling In case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will be returned, which will cause IS_ERR() to be false. Which can lead to dereference not alloc
- CVE-2025-22016Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: dpll: fix xa_alloc_cyclic() error handling In case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will be returned, which will cause IS_ERR() to be false. Which can lead to dereference not allocate
- CVE-2025-22015Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/migrate: fix shmem xarray update during migration A shmem folio can be either in page cache or in swap cache, but not at the same time. Namely, once it is in swap cache, folio->mapping should be NULL, and t
- CVE-2025-22014Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdr_add_lookup() to add the look up for the service and does schedule locator work, later a process B got a new server packet indicatin
- CVE-2025-22013Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: * Host SVE being discarded unexpectedly du
- CVE-2025-22010Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer (e.g. MR over 100GB) is being allocated, it may require a c
- CVE-2025-22009Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous probing Sometimes I get a NULL pointer dereference at boot time in kobject_get() with the following call stack: anatop_regulator_probe() devm_regulator_register() regulat
- CVE-2025-22008Apr 8, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: regulator: check that dummy regulator has been probed before using it Due to asynchronous driver probing there is a chance that the dummy regulator hasn't already been probed when first accessing it.
- CVE-2025-22007Apr 3, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chan_alloc_skb_cb() The chan_alloc_skb_cb() function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference.
- CVE-2025-22005Apr 3, 2025affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). fib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything when it fails. Commit 7dd73168e273 ("ipv6: Always allocate pcpu memory in
- CVE-2025-22004Apr 3, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.
- CVE-2025-22003Apr 3, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix out of bound read in strscpy() source Commit 7fdaf8966aae ("can: ucan: use strscpy() to instead of strncpy()") unintentionally introduced a one byte out of bound read on strscpy()'s source argume
- CVE-2025-22001Apr 3, 2025affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req() These are u64 variables that come from the user via qaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that the math doesn't have an intege
Page 92 of 106