VYPR

rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

  • CVE-2025-38227Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtv_mux_init. [1] After PSI initialization fails, the si member is accessed again, res

  • CVE-2025-38226Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline] BUG: KASAN: vmallo

  • CVE-2025-38225Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an allocation error When allocation failures are not cleaned up by the driver, further allocation errors will be false-positives, which will cause buffers to remain uninitialized

  • CVE-2025-38220Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Tra

  • CVE-2025-38217Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (ftsteutates) Fix TOCTOU race in fts_read() In the fts_read() function, when handling hwmon_pwm_auto_channels_temp, the code accesses the shared variable data->fan_source[channel] twice without holding a

  • CVE-2025-38211Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref

  • CVE-2025-38210Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsm_ops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items.

  • CVE-2025-38208Jul 4, 2025
    affected < 6.4.0-150600.8.52.1fixed 6.4.0-150600.8.52.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automount_fullpath page is checked for null in __build_path_from_dentry_optional_prefix when tcon->origin_fullpath is not set. However, the check is missing when it is set. Add a

  • CVE-2025-38206Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre

  • CVE-2025-38205Jul 4, 2025
    affected < 6.4.0-150600.8.52.1fixed 6.4.0-150600.8.52.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 [Why] If the dummy values in `populate_dummy_dml_surface_cfg()` aren't updated then they can lead to a divide by zero in downstream callers

  • CVE-2025-38204Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in add_missing_indices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails

  • CVE-2025-38203Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: Fix null-ptr-deref in jfs_ioc_trim [ Syzkaller Report ] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000087: 0000 [#1 KASAN: null-ptr-deref in range [0x0000000000000438-0

  • CVE-2025-38202Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_look

  • CVE-2025-38201Jul 4, 2025
    affected < 6.4.0-150600.8.52.1fixed 6.4.0-150600.8.52.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. Similar to:

  • CVE-2025-38200Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde

  • CVE-2025-38197Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell_rbu: Fix list usage Pass the correct list head to list_for_each_entry*() when looping through the packet list. Without this patch, reading the packet data via sysfs will show the data incorr

  • CVE-2025-38194Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2_link_node_ref, caused by fault injection in jffs2_prealloc_raw_node_refs. jffs2_sum_write_sumnode doe

  • CVE-2025-38193Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported that SFQ perturb_period has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to mak

  • CVE-2025-38190Jul 4, 2025
    affected < 6.4.0-150600.8.52.1fixed 6.4.0-150600.8.52.1

    In the Linux kernel, the following vulnerability has been resolved: atm: Revert atm_account_tx() if copy_from_iter_full() fails. In vcc_sendmsg(), we account skb->truesize to sk->sk_wmem_alloc by atm_account_tx(). It is expected to be reverted by atm_pop_raw() later called by

  • CVE-2025-38188Jul 4, 2025
    affected < 6.4.0-150600.8.48.1fixed 6.4.0-150600.8.48.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persisten

Page 41 of 189