suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

Vulnerabilities (2,117)

• CVE-2025-21869Mar 27, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II (power9) with kernel 6.13: [ 12.028126] =======================================

• CVE-2025-21868Mar 27, 2025
  affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

  In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAX_SKB_FRAGS values Sabrina reported the following splat: WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0 Modules li

• CVE-2025-21867Mar 27, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() KMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The cause of the issue was that eth_skb_pkt_type() accessed skb's data that didn't c

• CVE-2025-2312MedMar 25, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credenti

• CVE-2023-52927HigMar 14, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex

• CVE-2025-21865MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler reported the list_del() corruption splat in gtp_net_exit_batch_rtnl(). [0] Commit eb28fd76c0a0 ("gtp: Destroy device along with u

• CVE-2025-21864MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to: - create a pair of netns - run a basic TCP test ove

• CVE-2025-21862MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU#1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .owne

• CVE-2025-21859MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to f_midi_transmit, causing a deadlock. Fix it by using queue_wor

• CVE-2025-21858HigMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after-free in geneve_find_dev() [0] without repro. geneve_configure() links struct geneve_dev.next to net_generic(net, geneve_net_id)->

• CVE-2025-21848MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.

• CVE-2025-21846MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This c

• CVE-2025-21844MedMar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard() Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereferen

• CVE-2025-21866Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vma

• CVE-2025-21863Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode speculation sqe->opcode is used for different tables, make sure we santitise it against speculations.

• CVE-2025-21861Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new foli

• CVE-2025-21857Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: fix error handling causing NULL dereference tcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can return 1 if the allocation succeeded after wrapping. This was treated as an er

• CVE-2025-21856Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to device_release() in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees

• CVE-2025-21855Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb m

• CVE-2025-21854Mar 12, 2025
  affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

  In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsock_proto::psock_update_sk_prot(). However, there is an edge case wh