SUSE-SU-2025:03339-1 Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122261 fixes several issues. The following security issues were fixed: - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499...

OESA-2025-2314 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: w7090p: fix null-ptr-deref in w7090ptunerwriteserpar and w7090ptunerreadserpar In w7090ptunerwriteserpar, msg is controlled by user. When...

Linux Distros Unpatched Vulnerability : CVE-2022-50336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could...

PT-2025-37888

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a vulnerability in the xen/virtio subsystem where a NULL dereference can occur within the xen dt get node function when a bridge of the PCI root bus has no...

DEBIAN-CVE-2022-50303

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfdprocessdeviceinitvm returns failure after vm is converted to compute vm and vm-pasid set to compute pasid, KFD will not take pdd-drmfile reference. As a result, drm close file...

Linux Distros Unpatched Vulnerability : CVE-2022-34678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer...

CVE-2025-39706 drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-39706 drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-38583

In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pllpost only if registered correctly If registration of pllpost is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to handle kernel NULL pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-38487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop...

Linux Distros Unpatched Vulnerability : CVE-2025-38035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when...

Linux Distros Unpatched Vulnerability : CVE-2024-0078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference ...

Linux Distros Unpatched Vulnerability : CVE-2023-31022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of servic...

Linux Distros Unpatched Vulnerability : CVE-2022-34679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer...

Linux Distros Unpatched Vulnerability : CVE-2022-31615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer...

Linux Distros Unpatched Vulnerability : CVE-2022-49824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ata: libata-transport: fix error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, it causes...

Linux Distros Unpatched Vulnerability : CVE-2025-38075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive respons...

Linux Distros Unpatched Vulnerability : CVE-2025-38387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we...

Linux Distros Unpatched Vulnerability : CVE-2021-47413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: Also search for 'phys' phandle When passing 'phys' in the devicetr...

CVE-2025-38442

In the Linux kernel, the following vulnerability has been resolved: block: reject bs ps block devices when THP is disabled If THP is disabled and when a block device with logical block size page size is present, the following null ptr deref panic happens during boot: 13.2 mK AOSAN: null-ptr-deref...