rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP6

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Vulnerabilities (3,769)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-21802		—	< 6.4.0-150600.8.31.1	6.4.0-150600.8.31.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem
CVE-2025-21799		—	< 6.4.0-150600.8.31.1	6.4.0-150600.8.31.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() When getting the IRQ we use k3_udma_glue_tx_get_irq() which returns negative error value on error. So not NULL check is not suffi
CVE-2024-58034		—	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_by_ram_code() releases som
CVE-2025-21796	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the
CVE-2025-21795	Med	5.5	< 6.4.0-150600.8.31.1	6.4.0-150600.8.31.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang la
CVE-2025-21787	Med	5.5	< 6.4.0-150600.8.40.1	6.4.0-150600.8.40.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli
CVE-2025-21776	Med	5.5	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen
CVE-2025-21772	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2025-21767	Med	5.5	< 6.4.0-150600.8.31.1	6.4.0-150600.8.31.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel
CVE-2025-21766	Med	5.5	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
CVE-2025-21765	Med	5.5	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
CVE-2025-21764	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
CVE-2025-21763	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21762	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21761	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF.
CVE-2025-21760	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
CVE-2025-21758	Med	5.5	< 6.4.0-150600.8.37.1	6.4.0-150600.8.37.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation
CVE-2025-21756	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un
CVE-2025-21753	Hig	7.8	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a
CVE-2025-21745	Med	5.5	< 6.4.0-150600.8.34.1	6.4.0-150600.8.34.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init\|next)(), but does not end iterating with class_dev_iter_exi

CVE-2025-21802Feb 27, 2025
affected < 6.4.0-150600.8.31.1fixed 6.4.0-150600.8.31.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem
CVE-2025-21799Feb 27, 2025
affected < 6.4.0-150600.8.31.1fixed 6.4.0-150600.8.31.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() When getting the IRQ we use k3_udma_glue_tx_get_irq() which returns negative error value on error. So not NULL check is not suffi
CVE-2024-58034Feb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_by_ram_code() releases som
CVE-2025-21796HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the
CVE-2025-21795MedFeb 27, 2025
affected < 6.4.0-150600.8.31.1fixed 6.4.0-150600.8.31.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang la
CVE-2025-21787MedFeb 27, 2025
affected < 6.4.0-150600.8.40.1fixed 6.4.0-150600.8.40.1
In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli
CVE-2025-21776MedFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen
CVE-2025-21772HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2025-21767MedFeb 27, 2025
affected < 6.4.0-150600.8.31.1fixed 6.4.0-150600.8.31.1
In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel
CVE-2025-21766MedFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
CVE-2025-21765MedFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
CVE-2025-21764HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
CVE-2025-21763HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21762HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21761HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF.
CVE-2025-21760HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
CVE-2025-21758MedFeb 27, 2025
affected < 6.4.0-150600.8.37.1fixed 6.4.0-150600.8.37.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation
CVE-2025-21756HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un
CVE-2025-21753HigFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a
CVE-2025-21745MedFeb 27, 2025
affected < 6.4.0-150600.8.34.1fixed 6.4.0-150600.8.34.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exi

Page 69 of 189