suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

Vulnerabilities (2,117)

• CVE-2023-53703Oct 22, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... [ 6.120512] UBS

• CVE-2023-53699Oct 22, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: riscv: move memblock_allow_resize() after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through

• CVE-2023-53698Oct 22, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xp_alloc_tx_descs() fails, and it can only fail due to no

• CVE-2023-53697Oct 22, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in function 'register_nvdimm_pmu' and is lost after 'kfree(nd_pmu)' call in function 'u

• CVE-2023-53693Oct 22, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigg

• CVE-2025-40016Oct 20, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Terminal within the video function i

• CVE-2025-40013Oct 20, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widget_load_module_common() could return NULL or an error pointer. Add missing NULL ch

• CVE-2025-40012Oct 20, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: net/smc: fix warning in smc_rx_splice() when calling get_page() smc_lo_register_dmb() allocates DMB buffers with kzalloc(), which are later passed to get_page() in smc_rx_splice(). Since kmalloc memory is not p

• CVE-2025-40011Oct 20, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pci_set_drvdata sets the value of pdev->driver_data to NULL, after which the driver_data obtained from the same dev is dereferenced in oaktrail_hdmi_i2c_exit, a

• CVE-2025-40010Oct 20, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afs_put_server afs_put_server() accessed server->debug_id before the NULL check, which could lead to a null pointer dereference. Move the debug_id assignment, ensu

• CVE-2025-40006Oct 20, 2025
  affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

  In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio

• CVE-2025-40005Oct 20, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver support indirect read and indirect write operation with assumption no force device removal(unbind) operation. However force device re

• CVE-2025-40001Oct 18, 2025
  affected < 6.4.0-150700.20.21.1fixed 6.4.0-150700.20.21.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work() in mvs_free() to cancel the delayed work item mwq->wor

• CVE-2025-40000Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to access already freed skb_data: BUG: KFENCE: use-after-free write in

• CVE-2025-39997Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free The previous commit 0718a78f6a9f ("ALSA: usb-audio: Kill timer properly at removal") patched a UAF issue caused by the error timer. However, becau

• CVE-2025-39996Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove The original code uses cancel_delayed_work() in flexcop_pci_remove(), which does not guarantee that the delayed work item irq_chec

• CVE-2025-39995Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state->timer is a cyclic timer that schedules work_i2c_poll and delayed_work_enable_hotplug, while rearming itself. Using timer_

• CVE-2025-39994Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000_release The original code uses cancel_delayed_work() in xc5000_release(), which does not guarantee that the delayed work item timer_sleep has fully completed i

• CVE-2025-39993Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline] BUG: KASAN: use-after-free in send_packet+0xa2d/0

• CVE-2025-39991Oct 15, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() If ab->fw.m3_data points to data, then fw pointer remains null. Further, if m3_mem is not allocated, then fw is dereferenced to be passed to ath11k_err