VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2025-21889Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perf_iterate_ctx() The perf_iterate_ctx() function performs RCU list traversal but currently lacks RCU read lock protection. This causes lockdep warnings when running

  • CVE-2025-21888Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. In the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code incorrectly

  • CVE-2025-21887Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The issue was caused by dput(upper) being called before ovl_dentry_update_reval(), while upper->d_flags was still accessed in ovl_dentry_r

  • CVE-2025-21886Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP hang on parent deregistration Fix the destroy_unused_implicit_child_mr() to prevent hanging during parent deregistration as of below [1]. Upon entering destroy_unused_implicit_child

  • CVE-2025-21885Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers While using nvme target with use_srq on, below kernel panic is noticed. [ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg of

  • CVE-2025-21884Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during pernet_operations->exit(), their freeing can be delayed by any tx packets still held in qdisc or device queues, due to skb_se

  • CVE-2025-21883Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Repro

  • CVE-2025-21882Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix vport QoS cleanup on error When enabling vport QoS fails, the scheduling node was never freed, causing a leak. Add the missing free and reset the vport scheduling node pointer to NULL.

  • CVE-2025-21881Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000

  • CVE-2025-21880Mar 27, 2025
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmm_range_fault() as a non-fatal error when called from xe_vm_userptr_pin() with the idea that we want to avoid killing the entire vm and chuck

  • CVE-2025-21878Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devm_request_irq The customer reports that there is a soft lockup issue related to the i2c driver. After checking, the i2c module was doing a tx transfer and the b

  • CVE-2025-21877Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelink_bind() Syzbot reports [1] a warning in usb_submit_urb() triggered by inconsistencies between expected and actually present endpoints in gl620a driver. Since gen

  • CVE-2025-21876Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix suspicious RCU usage Commit ("iommu/vt-d: Allocate DMAR fault interrupts locally") moved the call to enable_drhd_fault_handling() to a code path that does not hold any lock while

  • CVE-2025-21875Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.

  • CVE-2025-21873Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: bsg: Fix crash when arpmb command fails If the device doesn't support arpmb we'll crash due to copying user data in bsg_transport_sg_io_fn(). In the case where ufs_bsg_exec_advanced_rpmb_req()

  • CVE-2025-21872Mar 27, 2025
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we (re)map the entire table on each iteration of the loop, adding space as we discover new entries. If t

  • CVE-2024-58091Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O

  • CVE-2024-58090Mar 27, 2025
    affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2

    In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a warning observed while loop testing kexec jump: Interrupts enabled after irqrouter_resume+0x0/0x50 WARNING: CPU: 0 PID: 560 at

  • CVE-2025-21871Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing an OP-TEE RPC call. It becomes more complicated wh

  • CVE-2025-21870Mar 27, 2025
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name (sname) as the ALH copier and in that case the copier->data is NULL, no alh_data

Page 97 of 106