rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Module for Development Tools 15 SP7
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7
Vulnerabilities (2,262)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-58077 | — | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Port" log severity") ignores -EINVAL error message on common soc_pcm_ret(). It is u | ||
| CVE-2024-58074 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab intel_display from the encoder to avoid potential oopsies Grab the intel_display from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intel_sanitize_encode | ||
| CVE-2024-58070 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce | ||
| CVE-2024-58068 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table was not created because t | ||
| CVE-2024-58062 | — | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_ | ||
| CVE-2024-58053 | — | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection. | ||
| CVE-2025-21814 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affecte | |
| CVE-2025-21806 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget | |
| CVE-2025-21824 | — | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 ("gpu: host1x: Fix boot regression for Tegra") caused a use of uninitialized mutex leading to below warning when CONFIG_DEBUG_MUTEXES and CONFIG | ||
| CVE-2025-21821 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm | ||
| CVE-2025-21812 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible cir | ||
| CVE-2025-21808 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metad | ||
| CVE-2025-21805 | — | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit() call A warning is triggered when repeatedly connecting and disconnecting the rnbd: list_add corruption. prev->next should be next (ffff88800b13e480), but was ffff88801ecd1338. ( | ||
| CVE-2025-21800 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for HWS_SET32 macro is negative, UBSAN complains about the shift-out-of-bounds: UBSAN: shift-out-of-bounds in drivers/net/et | ||
| CVE-2025-21796 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the | |
| CVE-2025-21787 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli | |
| CVE-2025-21772 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede | |
| CVE-2025-21766 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear. | |
| CVE-2025-21765 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear. | |
| CVE-2025-21764 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF. |
- CVE-2024-58077Mar 6, 2025affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Port" log severity") ignores -EINVAL error message on common soc_pcm_ret(). It is u
- CVE-2024-58074Mar 6, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab intel_display from the encoder to avoid potential oopsies Grab the intel_display from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intel_sanitize_encode
- CVE-2024-58070Mar 6, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce
- CVE-2024-58068Mar 6, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table was not created because t
- CVE-2024-58062Mar 6, 2025affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_
- CVE-2024-58053Mar 6, 2025affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affecte
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget
- CVE-2025-21824Feb 27, 2025affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 ("gpu: host1x: Fix boot regression for Tegra") caused a use of uninitialized mutex leading to below warning when CONFIG_DEBUG_MUTEXES and CONFIG
- CVE-2025-21821Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm
- CVE-2025-21812Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible cir
- CVE-2025-21808Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metad
- CVE-2025-21805Feb 27, 2025affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit() call A warning is triggered when repeatedly connecting and disconnecting the rnbd: list_add corruption. prev->next should be next (ffff88800b13e480), but was ffff88801ecd1338. (
- CVE-2025-21800Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for HWS_SET32 macro is negative, UBSAN complains about the shift-out-of-bounds: UBSAN: shift-out-of-bounds in drivers/net/et
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
Page 107 of 114