VYPR

rpm package

suse/kernel-source-coco&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6

pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6

Vulnerabilities (2,052)

  • CVE-2025-38516Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-

  • CVE-2025-38515Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spsc_queue_push and the run-job worker, in which spsc_queue_push may return not-first while the run-job worker has alre

  • CVE-2025-38514Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AF_RXRPC service socket is opened and bound, but calls are preallocated, then rxrpc_alloc_incoming_call() will oops because the rxrpc_backlo

  • CVE-2025-38513Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For example, the following is possible: T0 T1 zd_m

  • CVE-2025-38512Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAt

  • CVE-2025-38510Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like:

  • CVE-2025-38506Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory (1TB+), the host can experience CPU soft lockups when running an op

  • CVE-2025-38503Aug 16, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info (device loop0 state M): r

  • CVE-2025-38500Aug 12, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in

  • CVE-2025-38499MedAug 11, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be

  • CVE-2024-58238Aug 9, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test This fixes the tx timeout issue seen while running a stress test on btnxpuart for couple of hours, such that the interval between two HCI

  • CVE-2025-38498MedJul 30, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

  • CVE-2025-38491MedJul 28, 2025
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]

  • CVE-2025-38477MedJul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, q

  • CVE-2025-38471HigJul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if

  • CVE-2025-38470MedJul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the

  • CVE-2025-38468MedJul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default

  • CVE-2025-38497Jul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating

  • CVE-2025-38496Jul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: dm-bufio: fix sched in atomic context If "try_verify_in_tasklet" is set for dm-verity, DM_BUFIO_CLIENT_NO_SLEEP is enabled for dm-bufio. However, when bufio tries to evict buffers, there is a chance to trigger

  • CVE-2025-38495Jul 28, 2025
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated b

Page 6 of 103