rpm package
suse/kernel-source-coco&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6
pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6
Vulnerabilities (2,052)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-23161 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interru | ||
| CVE-2025-23159 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr->buf_size is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer | ||
| CVE-2025-23158 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, | ||
| CVE-2025-23157 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: add check to avoid out of bound access There is a possibility that init_codecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecs_count c | ||
| CVE-2025-23156 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in total payload, while data points to payload of various property within it. When words_count reaches last wo | ||
| CVE-2025-23155 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hi | ||
| CVE-2025-23151 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Fix race between unprepare and queue_buf A client driver may use mhi_unprepare_from_transfer() to quiesce incoming data during the client driver's tear down. The client driver might also be proc | ||
| CVE-2025-23150 | — | < 6.4.0-15061.21.coco15sp6.1 | 6.4.0-15061.21.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free | ||
| CVE-2025-23149 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can lead to a spurious tpm_chip_start() call: [35985.503771] i2c i2c-1: Transfer while suspended [35 | ||
| CVE-2025-23148 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() soc_dev_attr->revision could be NULL, thus, a pointer check is added to prevent potential NULL pointer dereference. This is similar t | ||
| CVE-2025-23147 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3c_master_queue_ibi() The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls `i3c_master_queue_ibi()` to queu | ||
| CVE-2025-23146 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mfd: ene-kb3930: Fix a potential NULL pointer dereference The off_gpios could be NULL. Add missing check in the kb3930_probe(). This is similar to the issue fixed in commit b1ba8bcb2d1f ("backlight: hx8357: Fix | ||
| CVE-2025-23145 | — | < 6.4.0-15061.21.coco15sp6.1 | 6.4.0-15061.21.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a | ||
| CVE-2025-23144 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() Lockdep detects the following issue on led-backlight removal: [ 142.315935] ------------[ cut here ]------------ [ 142.315954] WARN | ||
| CVE-2025-23142 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg sctp_sendmsg() re-uses associations and transports when possible by doing a lookup based on the socket endpoint and the message destination ad | ||
| CVE-2025-23141 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e | ||
| CVE-2025-23140 | — | < 6.4.0-15061.21.coco15sp6.1 | 6.4.0-15061.21.coco15sp6.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error After devm_request_irq() fails with error in pci_endpoint_test_request_irq(), the pci_endpoint_test_free_irq_vectors() is cal | ||
| CVE-2024-58099 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Apr 29, 2025 | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsu | ||
| CVE-2025-40325 | — | < 6.4.0-15061.21.coco15sp6.1 | 6.4.0-15061.21.coco15sp6.1 | Apr 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: wait barrier before returning discard request with REQ_NOWAIT raid10_handle_discard should wait barrier before returning a discard bio which has REQ_NOWAIT. And there is no need to print warning call | ||
| CVE-2025-40014 | — | < 6.4.0-15061.28.coco15sp6.1 | 6.4.0-15061.28.coco15sp6.1 | Apr 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() If speed_hz < AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the entire amd_spi_freq array without breaking out early, causing 'i' to go |
- CVE-2025-23161May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interru
- CVE-2025-23159May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr->buf_size is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer
- CVE-2025-23158May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation,
- CVE-2025-23157May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: add check to avoid out of bound access There is a possibility that init_codecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecs_count c
- CVE-2025-23156May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in total payload, while data points to payload of various property within it. When words_count reaches last wo
- CVE-2025-23155May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hi
- CVE-2025-23151May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Fix race between unprepare and queue_buf A client driver may use mhi_unprepare_from_transfer() to quiesce incoming data during the client driver's tear down. The client driver might also be proc
- CVE-2025-23150May 1, 2025affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free
- CVE-2025-23149May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can lead to a spurious tpm_chip_start() call: [35985.503771] i2c i2c-1: Transfer while suspended [35
- CVE-2025-23148May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() soc_dev_attr->revision could be NULL, thus, a pointer check is added to prevent potential NULL pointer dereference. This is similar t
- CVE-2025-23147May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3c_master_queue_ibi() The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls `i3c_master_queue_ibi()` to queu
- CVE-2025-23146May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: mfd: ene-kb3930: Fix a potential NULL pointer dereference The off_gpios could be NULL. Add missing check in the kb3930_probe(). This is similar to the issue fixed in commit b1ba8bcb2d1f ("backlight: hx8357: Fix
- CVE-2025-23145May 1, 2025affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. Call trace: mptcp_can_a
- CVE-2025-23144May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() Lockdep detects the following issue on led-backlight removal: [ 142.315935] ------------[ cut here ]------------ [ 142.315954] WARN
- CVE-2025-23142May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg sctp_sendmsg() re-uses associations and transports when possible by doing a lookup based on the socket endpoint and the message destination ad
- CVE-2025-23141May 1, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e
- CVE-2025-23140May 1, 2025affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error After devm_request_irq() fails with error in pci_endpoint_test_request_irq(), the pci_endpoint_test_free_irq_vectors() is cal
- CVE-2024-58099Apr 29, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsu
- CVE-2025-40325Apr 18, 2025affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: wait barrier before returning discard request with REQ_NOWAIT raid10_handle_discard should wait barrier before returning a discard bio which has REQ_NOWAIT. And there is no need to print warning call
- CVE-2025-40014Apr 18, 2025affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1
In the Linux kernel, the following vulnerability has been resolved: objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() If speed_hz < AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the entire amd_spi_freq array without breaking out early, causing 'i' to go
Page 29 of 103