rpm package

suse/kernel-rt&distro=SUSE Real Time Module 15 SP7

pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Vulnerabilities (2,100)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-40059	—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devm_kzalloc The return value of devm_kzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devm_kzalloc.
CVE-2025-40058	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- st
CVE-2025-40056	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fix copy_to_iter return value check The return value of copy_to_iter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values.
CVE-2025-40055	—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a
CVE-2025-40053	—	< 6.4.0-150700.7.28.1	6.4.0-150700.7.28.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer
CVE-2025-40052	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifs_sg_set_buf() helper that converts vm
CVE-2025-40051	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modify the return value check The return value of copy_from_iter and copy_to_iter can't be negative, check whether the copied lengths are equal.
CVE-2025-40049	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval
CVE-2025-40048	—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us
CVE-2025-40047	—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait() For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress,
CVE-2025-40044	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m
CVE-2025-40043	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Add parameter validation for packet data Syzbot reported an uninitialized value bug in nci_init_req, which was introduced by commit 5aca7966d2a7 ("Merge tag 'perf-tools-fixes-for-v6.17-2025-09-16
CVE-2025-40042	—	< 6.4.0-150700.7.28.1	6.4.0-150700.7.28.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11
CVE-2025-40038	—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM mus
CVE-2025-40037	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefb_detach_genpds() The pm_domain cleanup can not be devres managed as it uses struct simplefb_par which is allocated within struct fb_info by framebuffer_alloc(). Th
CVE-2025-40036	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args copy_to_user() failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix th
CVE-2025-40035	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole aft
CVE-2025-40033	—	< 6.4.0-150700.7.28.1	6.4.0-150700.7.28.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL check, which could lead to a null pointer dereference. Mov
CVE-2025-40032	—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be NULL even after EPF initialization. Then it is prudent to che
CVE-2025-40030	—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 28, 2025	In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux

CVE-2025-40059Oct 28, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devm_kzalloc The return value of devm_kzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devm_kzalloc.
CVE-2025-40058Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- st
CVE-2025-40056Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fix copy_to_iter return value check The return value of copy_to_iter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values.
CVE-2025-40055Oct 28, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a
CVE-2025-40053Oct 28, 2025
affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer
CVE-2025-40052Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifs_sg_set_buf() helper that converts vm
CVE-2025-40051Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modify the return value check The return value of copy_from_iter and copy_to_iter can't be negative, check whether the copied lengths are equal.
CVE-2025-40049Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval
CVE-2025-40048Oct 28, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us
CVE-2025-40047Oct 28, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait() For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress,
CVE-2025-40044Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m
CVE-2025-40043Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Add parameter validation for packet data Syzbot reported an uninitialized value bug in nci_init_req, which was introduced by commit 5aca7966d2a7 ("Merge tag 'perf-tools-fixes-for-v6.17-2025-09-16
CVE-2025-40042Oct 28, 2025
affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. [11
CVE-2025-40038Oct 28, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM mus
CVE-2025-40037Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefb_detach_genpds() The pm_domain cleanup can not be devres managed as it uses struct simplefb_par which is allocated within struct fb_info by framebuffer_alloc(). Th
CVE-2025-40036Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args copy_to_user() failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix th
CVE-2025-40035Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole aft
CVE-2025-40033Oct 28, 2025
affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL check, which could lead to a null pointer dereference. Mov
CVE-2025-40032Oct 28, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be NULL even after EPF initialization. Then it is prudent to che
CVE-2025-40030Oct 28, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux

Page 40 of 105