VYPR

rpm package

suse/kernel-rt&distro=SUSE Real Time Module 15 SP6

pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6

Vulnerabilities (3,740)

  • CVE-2023-52798May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section

  • CVE-2023-52796May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for

  • CVE-2023-52795May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix use after free in vhost_vdpa_probe() The put_device() calls vhost_vdpa_release_dev() which calls ida_simple_remove() and frees "v". So this call to ida_simple_remove() is a use after free and a

  • CVE-2023-52794May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: intel: powerclamp: fix mismatch in get function for max_idle KASAN reported this [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90 [ 444.853111] Read of size 4 at a

  • CVE-2023-52792May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails Commit 5e42bcbc3fef ("cxl/region: decrement ->nr_targets on error in cxl_region_attach()") tried to avoid 'eiw' initialization errors whe

  • CVE-2023-52791May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is disabled. However, non-atomic i2c transfers require preemption (e.g. in wait_for_completion() w

  • CVE-2023-52789May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup() in vcc_probe() Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference.

  • CVE-2023-52788May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: i915/perf: Fix NULL deref bugs with drm_dbg() calls When i915 perf interface is not available dereferencing it will lead to NULL dereferences. As returning -ENOTSUPP is pretty clear return when perf interface

  • CVE-2023-52787May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed

  • CVE-2023-52786May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio write syzbot reports that the following warning from ext4_iomap_begin() triggers as of the commit referenced below: if (WARN_ON_ONCE(ext4_has_inline_data(ino

  • CVE-2023-52784May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been able to keep syzbot away from net/lapb, until today. In the following splat [1],

  • CVE-2023-52783May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wx_sw_init() returns before the memory of 'wx->mac_table' is allocated. The null pointer will c

  • CVE-2023-52782May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadat

  • CVE-2023-52781May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descriptor for accessing a family of related descriptors. Function 'usb_get_bos_descr

  • CVE-2023-52780May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool

  • CVE-2023-52778May 21, 2024
    affected < 6.4.0-150600.10.20.1fixed 6.4.0-150600.10.20.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: deal with large GSO size After the blamed commit below, the TCP sockets (and the MPTCP subflows) can build egress packets larger than 64K. That exceeds the maximum DSS data size, the length being misrepr

  • CVE-2023-52777May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-

  • CVE-2023-52776May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are protected by RCU but the DFS-radar and temperature event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked

  • CVE-2023-52775May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below.

  • CVE-2023-52774May 21, 2024
    affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1

    In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasd_profile_start() the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access.

Page 161 of 187