suse/kernel-zfcpdump&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

Vulnerabilities (2,262)

• CVE-2025-37931MedMay 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not wr

• CVE-2025-37963May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In

• CVE-2025-37961May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in do_output_route4 syzbot reports for uninit-value for the saddr argument [1]. commit 4754957f04f5 ("ipvs: do not use random local source address for tunnels") already implies

• CVE-2025-37960May 20, 2025
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: memblock: Accept allocated memory before use in memblock_double_array() When increasing the array size in memblock_double_array() and the slab is not yet available, a call to memblock_find_in_range() is used to

• CVE-2025-37959May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Scrub packet on bpf_redirect_peer When bpf_redirect_peer is used to redirect packets to a device in another network namespace, the skb isn't scrubbed. That can lead skb information from one namespace to be

• CVE-2025-37958May 20, 2025
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate

• CVE-2025-37957May 20, 2025
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f ("KVM: x86: forcibly leave nested mode on vCPU reset") addressed an issue where a triple fault occurring in nested mode

• CVE-2025-37954May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in open_cached_dir with lease breaks A pre-existing valid cfid returned from find_or_create_cached_dir might race with a lease break, meaning open_cached_dir doesn't consider it valid, a

• CVE-2025-37953May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres

• CVE-2025-37951May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the reset was skipped When a CL/CSD job times out, we check if the GPU has made any progress since the last timeout. If so, instead of resetting the hardware, we skip the res

• CVE-2025-37949May 20, 2025
  affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1

  In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:__wake_up_common+0x4c/

• CVE-2025-37948May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program

• CVE-2025-37946May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs With commit bcb5d6c76903 ("s390/pci: introduce lock to synchronize state of zpci_dev's") the code to ignore power off of a PF that h

• CVE-2025-37944May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Currently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry to fetch the next entry from the destination ring. This is incor

• CVE-2025-37943May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi

• CVE-2025-37938May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that wi

• CVE-2025-37937May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result is a divide-by-zero. Prevent that from happening. Fixes the follow

• CVE-2025-37936May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. When generating the MSR_IA32_PEBS_ENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PE

• CVE-2025-37934May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction Actually check if the passed pointers are valid, before writing to them. This also fixes a USBAN warning: UBSAN: invalid-load in ../

• CVE-2025-37933May 20, 2025
  affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1

  In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix host hang issue during device reboot When the host loses heartbeat messages from the device, the driver calls the device-specific ndo_stop function, which frees the resources. If the driver is un