rpm package
suse/kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7
pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
Vulnerabilities (2,365)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21766 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear. | |
| CVE-2025-21765 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear. | |
| CVE-2025-21764 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF. | |
| CVE-2025-21763 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. | |
| CVE-2025-21762 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. | |
| CVE-2025-21761 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF. | |
| CVE-2025-21760 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF. | |
| CVE-2025-21758 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation | |
| CVE-2025-21753 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a | |
| CVE-2025-21739 | Hig | 7.8 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devm_blk_crypto_profile_init() registers a cleanup handler to run when the associated (platform-) device is being released. For UFS, the crypto | |
| CVE-2024-58020 | Med | 5.5 | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure | |
| CVE-2025-21792 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SO_BINDTODEVICE socket option, a refcount leak will occur in ax25_release(). Commit 9fd75 | ||
| CVE-2025-21782 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write... several people suggested fixes, I tested Al Viro's suggestion and made this patch. | ||
| CVE-2025-21770 | — | < 6.4.0-150700.53.6.1 | 6.4.0-150700.53.6.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopf_queue_remove_device() The iopf_queue_remove_device() helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstan | ||
| CVE-2025-21768 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwt | ||
| CVE-2025-21759 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note | ||
| CVE-2024-54458 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) | ||
| CVE-2024-49570 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event. Fix th | ||
| CVE-2024-58019 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total s | ||
| CVE-2024-58018 | — | < 6.4.0-150700.53.3.1 | 6.4.0-150700.53.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535_gsp_cmdq_push() waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one availab |
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix use-after free in init error and remove paths devm_blk_crypto_profile_init() registers a cleanup handler to run when the associated (platform-) device is being released. For UFS, the crypto
- affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure
- CVE-2025-21792Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt If an AX25 device is bound to a socket by setting the SO_BINDTODEVICE socket option, a refcount leak will occur in ax25_release(). Commit 9fd75
- CVE-2025-21782Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write... several people suggested fixes, I tested Al Viro's suggestion and made this patch.
- CVE-2025-21770Feb 27, 2025affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopf_queue_remove_device() The iopf_queue_remove_device() helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstan
- CVE-2025-21768Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwt
- CVE-2025-21759Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note
- CVE-2024-54458Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF)
- CVE-2024-49570Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event. Fix th
- CVE-2024-58019Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total s
- CVE-2024-58018Feb 27, 2025affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535_gsp_cmdq_push() waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one availab
Page 113 of 119