rpm package
suse/kernel-rt&distro=SUSE Real Time Module 15 SP6
pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6
Vulnerabilities (3,740)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35922 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode(). Fou | |
| CVE-2024-35947 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets make sure by removing it, doing pr_err and return -EINVAL instead. | ||
| CVE-2024-35946 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif. | ||
| CVE-2024-35945 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: phy: phy_device: Prevent nullptr exceptions on ISR If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service r | ||
| CVE-2024-35943 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by chec | ||
| CVE-2024-35942 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually i | ||
| CVE-2024-35939 | — | < 6.4.0-150600.10.8.3 | 6.4.0-150600.10.8.3 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the result | ||
| CVE-2024-35938 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely | ||
| CVE-2024-35937 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make | ||
| CVE-2024-35932 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] ref | ||
| CVE-2024-35931 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to UMC multi times, this caused system hang. [ 557.371857] amdgpu 0000:af: | ||
| CVE-2024-35927 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in dr | ||
| CVE-2024-35926 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix async_disable descriptor leak The disable_async paths of iaa_compress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req | ||
| CVE-2024-35924 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to | ||
| CVE-2024-35921 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the | ||
| CVE-2023-52699 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A "write_lock(&pointers_lock) => read_loc | ||
| CVE-2024-35915 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero, | |
| CVE-2024-35910 | Med | 5.8 | < 6.4.0-150600.10.34.1 | 6.4.0-150600.10.34.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o | |
| CVE-2024-35905 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow | |
| CVE-2024-35902 | Med | 5.5 | < 6.4.0-150600.10.8.3 | 6.4.0-150600.10.8.3 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman adds:] Analysis: * cp is a parameter of __rds_rdma_map and is not reassigned. * T |
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode(). Fou
- CVE-2024-35947May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets make sure by removing it, doing pr_err and return -EINVAL instead.
- CVE-2024-35946May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif.
- CVE-2024-35945May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: phy_device: Prevent nullptr exceptions on ISR If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service r
- CVE-2024-35943May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by chec
- CVE-2024-35942May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually i
- CVE-2024-35939May 19, 2024affected < 6.4.0-150600.10.8.3fixed 6.4.0-150600.10.8.3
In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the result
- CVE-2024-35938May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely
- CVE-2024-35937May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make
- CVE-2024-35932May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] ref
- CVE-2024-35931May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to UMC multi times, this caused system hang. [ 557.371857] amdgpu 0000:af:
- CVE-2024-35927May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in dr
- CVE-2024-35926May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix async_disable descriptor leak The disable_async paths of iaa_compress/decompress() don't free idxd descriptors in the async_disable case. Currently this only happens in the testcases where req
- CVE-2024-35924May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to
- CVE-2024-35921May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the
- CVE-2023-52699May 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A "write_lock(&pointers_lock) => read_loc
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero,
- affected < 6.4.0-150600.10.34.1fixed 6.4.0-150600.10.34.1
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow
- affected < 6.4.0-150600.10.8.3fixed 6.4.0-150600.10.8.3
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman adds:] Analysis: * cp is a parameter of __rds_rdma_map and is not reassigned. * T
Page 166 of 187