VYPR

rpm package

suse/kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (2,262)

  • CVE-2025-21951Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller

  • CVE-2025-21950Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_state", which are then copied t

  • CVE-2025-21948Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in input_event(). BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrume

  • CVE-2025-21943Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both new_device_store and delete_device_store touch module global resources (e.g. gpio_aggregator_lock). To prevent race conditions with modu

  • CVE-2025-21941Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure 'pipe_ctx

  • CVE-2025-21940Apr 1, 2025
    affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfd_queue_acquire_buffers. (cherry picked from commit 049e5bf3c8406f87c3d8e

  • CVE-2025-21939Apr 1, 2025
    affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmm_range_fault() point to pages that we don't have a reference on, and the guarantee that they are still in

  • CVE-2025-21938Apr 1, 2025
    affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcp_pm_nl

  • CVE-2025-21937Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference.

  • CVE-2025-21936Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference.

  • CVE-2025-21935Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. If it fails, put_device() should be called to free the memory and give up the reference initial

  • CVE-2025-21934Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. Thus, put_device() should be used rather than kfree(). Add "mport->net = NULL;

  • CVE-2025-21931Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 ("hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined) add page poison checks in do_migrate_range in order to m

  • CVE-2025-21930Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi] Call

  • CVE-2025-21929Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() During the `rmmod` operation for the `intel_ishtp_hid` driver, a use-after-free issue can occur in the hid_ishtp_cl_remove() function. The f

  • CVE-2025-21928Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freein

  • CVE-2025-21927Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invali

  • CVE-2025-21926Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later or

  • CVE-2025-21925Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: llc: do not use skb_get() before dev_queue_xmit() syzbot is able to crash hosts [1], using llc and devices not supporting IFF_TX_SKB_SHARING. In this case, e1000 driver calls eth_skb_pad(), while the skb is sh

  • CVE-2025-21924Apr 1, 2025
    affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error During the initialization of ptp, hclge_ptp_get_cycle might return an error and returned directly without unregiste

Page 102 of 114