VYPR

rpm package

suse/kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (2,262)

  • CVE-2025-38203Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: Fix null-ptr-deref in jfs_ioc_trim [ Syzkaller Report ] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000087: 0000 [#1 KASAN: null-ptr-deref in range [0x0000000000000438-0

  • CVE-2025-38202Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_look

  • CVE-2025-38201Jul 4, 2025
    affected < 6.4.0-150700.53.16.1fixed 6.4.0-150700.53.16.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. Similar to:

  • CVE-2025-38200Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde

  • CVE-2025-38197Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell_rbu: Fix list usage Pass the correct list head to list_for_each_entry*() when looping through the packet list. Without this patch, reading the packet data via sysfs will show the data incorr

  • CVE-2025-38194Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2_link_node_ref, caused by fault injection in jffs2_prealloc_raw_node_refs. jffs2_sum_write_sumnode doe

  • CVE-2025-38193Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported that SFQ perturb_period has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to mak

  • CVE-2025-38192Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address

  • CVE-2025-38190Jul 4, 2025
    affected < 6.4.0-150700.53.16.1fixed 6.4.0-150700.53.16.1

    In the Linux kernel, the following vulnerability has been resolved: atm: Revert atm_account_tx() if copy_from_iter_full() fails. In vcc_sendmsg(), we account skb->truesize to sk->sk_wmem_alloc by atm_account_tx(). It is expected to be reverted by atm_pop_raw() later called by

  • CVE-2025-38189Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` The following kernel Oops was recently reported by Mesa CI: [ 800.139824] Unable to handle kernel NULL pointer dereference at virtual addres

  • CVE-2025-38188Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persisten

  • CVE-2025-38187Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() The RPC container is released after being passed to r535_gsp_rpc_send(). When sending the initial fragment of a large RPC and passing the caller's RPC c

  • CVE-2025-38186Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() Before the commit under the Fixes tag below, bnxt_ulp_stop() and bnxt_ulp_start() were always invoked in pairs. After that commit, the new bnx

  • CVE-2025-38185Jul 4, 2025
    affected < 6.4.0-150700.53.16.1fixed 6.4.0-150700.53.16.1

    In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcp_c_send(). syzbot reported the splat below. [0] vcc_sendmsg() copies data passed from userspace to skb and passes it to vcc->dev->ops->send(). atmtcp_c_send() acc

  • CVE-2025-38184Jul 4, 2025
    affected < 6.4.0-150700.53.16.1fixed 6.4.0-150700.53.16.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun tipc: Started i

  • CVE-2025-38183Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() Before calling lan743x_ptp_io_event_clock_get(), the 'channel' value is checked against the maximum value of PCI11X1X_PTP_IO_M

  • CVE-2025-38182Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device.

  • CVE-2025-38181Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_

  • CVE-2025-38180Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.

  • CVE-2025-38177Jul 4, 2025
    affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1

    In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca

Page 79 of 114