rpm package
suse/kernel-zfcpdump&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS
Vulnerabilities (421)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68308 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: leaf: Fix potential infinite loop in command parsers The `kvaser_usb_leaf_wait_cmd()` and `kvaser_usb_leaf_read_bulk_callback` functions contain logic to zero-length commands. These commands ar | ||
| CVE-2025-68307 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to red | ||
| CVE-2025-68305 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmt_pending before write iter se | ||
| CVE-2025-68303 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punit_ipc: fix memory corruption This passes the address of the pointer "&punit_ipcdev" when the intent was to pass the pointer itself "punit_ipcdev" (without the ampersand). This means tha | ||
| CVE-2025-68290 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads | ||
| CVE-2025-68289 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_eem: Fix memory leak in eem_unwrap The existing code did not handle the failure case of usb_ep_queue in the command path, potentially leading to memory leaks. Improve error handling to free all | ||
| CVE-2025-68287 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking `dwc3_remove_requests( | ||
| CVE-2025-68286 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing [WHAT] IGT kms_cursor_legacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP | ||
| CVE-2025-68285 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both | ||
| CVE-2025-68284 | — | < 6.4.0-150600.23.87.1 | 6.4.0-150600.23.87.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes wh | ||
| CVE-2025-68259 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or (select) INTn instruction, discard the exception and retry the instruction if the co | ||
| CVE-2025-68258 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3_attach() Syzbot identified an issue [1] in multiq3_attach() that induces a task timeout due to open() or COMEDI_DEVCONFIG ioctl operations, specifically, in t | ||
| CVE-2025-68257 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue [1] that crashes kernel, seemingly due to unexistent callback dev->get_valid_routes(). By all means, this should not occur as s | ||
| CVE-2025-68252 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup In fastrpc_map_lookup, dma_buf_get is called to obtain a reference to the dma_buf for comparison purposes. However, this reference is never released | ||
| CVE-2025-68249 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: most: usb: hdm_probe: Fix calling put_device() before device initialization The early error path in hdm_probe() can jump to err_free_mdev before &mdev->dev has been initialized with device_initialize(). Calling | ||
| CVE-2025-68244 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915_vma_pin_ww(), a synchronous variant of dma_fence_work_commit() is called. When pinning a VMA to GGTT address space on a | ||
| CVE-2025-68238 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer `dma_dev` was being dereferenced before ensuring that `cdns_ctrl->dmac` is properly initialized. Move the assignment of `dm | ||
| CVE-2025-68237 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so tha | ||
| CVE-2025-68235 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot nvkm_falcon_fw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated. | ||
| CVE-2025-68233 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to put_pid() Add a call to put_pid() corresponding to get_task_pid(). host1x_memory_context_alloc() does not take ownership of the PID so we need to free it here to avoid leaking. [mperttun |
- CVE-2025-68308Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: leaf: Fix potential infinite loop in command parsers The `kvaser_usb_leaf_wait_cmd()` and `kvaser_usb_leaf_read_bulk_callback` functions contain logic to zero-length commands. These commands ar
- CVE-2025-68307Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to red
- CVE-2025-68305Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmt_pending before write iter se
- CVE-2025-68303Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punit_ipc: fix memory corruption This passes the address of the pointer "&punit_ipcdev" when the intent was to pass the pointer itself "punit_ipcdev" (without the ampersand). This means tha
- CVE-2025-68290Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads
- CVE-2025-68289Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_eem: Fix memory leak in eem_unwrap The existing code did not handle the failure case of usb_ep_queue in the command path, potentially leading to memory leaks. Improve error handling to free all
- CVE-2025-68287Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking `dwc3_remove_requests(
- CVE-2025-68286Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing [WHAT] IGT kms_cursor_legacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP
- CVE-2025-68285Dec 16, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both
- CVE-2025-68284Dec 16, 2025affected < 6.4.0-150600.23.87.1fixed 6.4.0-150600.23.87.1
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes wh
- CVE-2025-68259Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or (select) INTn instruction, discard the exception and retry the instruction if the co
- CVE-2025-68258Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3_attach() Syzbot identified an issue [1] in multiq3_attach() that induces a task timeout due to open() or COMEDI_DEVCONFIG ioctl operations, specifically, in t
- CVE-2025-68257Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue [1] that crashes kernel, seemingly due to unexistent callback dev->get_valid_routes(). By all means, this should not occur as s
- CVE-2025-68252Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup In fastrpc_map_lookup, dma_buf_get is called to obtain a reference to the dma_buf for comparison purposes. However, this reference is never released
- CVE-2025-68249Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: most: usb: hdm_probe: Fix calling put_device() before device initialization The early error path in hdm_probe() can jump to err_free_mdev before &mdev->dev has been initialized with device_initialize(). Calling
- CVE-2025-68244Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915_vma_pin_ww(), a synchronous variant of dma_fence_work_commit() is called. When pinning a VMA to GGTT address space on a
- CVE-2025-68238Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer `dma_dev` was being dereferenced before ensuring that `cdns_ctrl->dmac` is properly initialized. Move the assignment of `dm
- CVE-2025-68237Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so tha
- CVE-2025-68235Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot nvkm_falcon_fw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated.
- CVE-2025-68233Dec 16, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to put_pid() Add a call to put_pid() corresponding to get_task_pid(). host1x_memory_context_alloc() does not take ownership of the PID so we need to free it here to avoid leaking. [mperttun
Page 13 of 22