rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6
Vulnerabilities (3,769)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-58069 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer si | ||
| CVE-2024-58068 | — | < 6.4.0-150600.8.37.1 | 6.4.0-150600.8.37.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table was not created because t | ||
| CVE-2024-58061 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all | ||
| CVE-2024-58057 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configu | ||
| CVE-2024-58056 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occurs | ||
| CVE-2024-58055 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command. | ||
| CVE-2024-58054 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: Unable to handle kernel paging request at virtual address 000073757 | ||
| CVE-2024-58053 | — | < 6.4.0-150600.8.43.1 | 6.4.0-150600.8.43.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection. | ||
| CVE-2024-58052 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Mar 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom | ||
| CVE-2025-21814 | Med | 5.5 | < 6.4.0-150600.8.40.1 | 6.4.0-150600.8.40.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affecte | |
| CVE-2025-21806 | Med | 5.5 | < 6.4.0-150600.8.37.1 | 6.4.0-150600.8.37.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget | |
| CVE-2025-21823 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need t | ||
| CVE-2025-21821 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm | ||
| CVE-2025-21820 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr() | ||
| CVE-2025-21819 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with two edp panel. | ||
| CVE-2025-21815 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in isolate_freepages_block(). The bogus compound_order can be any value because it | ||
| CVE-2025-21812 | — | < 6.4.0-150600.8.37.1 | 6.4.0-150600.8.37.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible cir | ||
| CVE-2025-21810 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() There are a potential wild pointer dereferences issue regarding APIs class_dev_iter_(init|next|exit)(), as explained by below typic | ||
| CVE-2025-21808 | — | < 6.4.0-150600.8.37.1 | 6.4.0-150600.8.37.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metad | ||
| CVE-2025-21804 | — | < 6.4.0-150600.8.34.1 | 6.4.0-150600.8.34.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resource. A string variable th |
- CVE-2024-58069Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer si
- CVE-2024-58068Mar 6, 2025affected < 6.4.0-150600.8.37.1fixed 6.4.0-150600.8.37.1
In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table was not created because t
- CVE-2024-58061Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all
- CVE-2024-58057Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configu
- CVE-2024-58056Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occurs
- CVE-2024-58055Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command.
- CVE-2024-58054Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: Unable to handle kernel paging request at virtual address 000073757
- CVE-2024-58053Mar 6, 2025affected < 6.4.0-150600.8.43.1fixed 6.4.0-150600.8.43.1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection.
- CVE-2024-58052Mar 6, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom
- affected < 6.4.0-150600.8.40.1fixed 6.4.0-150600.8.40.1
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affecte
- affected < 6.4.0-150600.8.37.1fixed 6.4.0-150600.8.37.1
In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget
- CVE-2025-21823Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need t
- CVE-2025-21821Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm
- CVE-2025-21820Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr()
- CVE-2025-21819Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with two edp panel.
- CVE-2025-21815Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in isolate_freepages_block(). The bogus compound_order can be any value because it
- CVE-2025-21812Feb 27, 2025affected < 6.4.0-150600.8.37.1fixed 6.4.0-150600.8.37.1
In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible cir
- CVE-2025-21810Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() There are a potential wild pointer dereferences issue regarding APIs class_dev_iter_(init|next|exit)(), as explained by below typic
- CVE-2025-21808Feb 27, 2025affected < 6.4.0-150600.8.37.1fixed 6.4.0-150600.8.37.1
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metad
- CVE-2025-21804Feb 27, 2025affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resource. A string variable th
Page 68 of 189