rpm package

suse/kernel-rt&distro=SUSE Real Time Module 15 SP7

pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Vulnerabilities (2,100)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-39970		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for action_meta Fix condition to check 'greater or equal' to prevent OOB dereference.
CVE-2025-39969		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: i40e: fix validation of VF state in get resources VF state I40E_VF_STATE_ACTIVE is not the only state in which VF is actually active so it should not be used to determine if a VF is allowed to obtain resources.
CVE-2025-39968		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request. Add it.
CVE-2025-39967		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 15, 2025	In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcon_do_set_font Fix integer overflow vulnerabilities in fbcon_do_set_font() where font size calculations could overflow when handling user-controlled font parameters. The vulne
CVE-2025-39965		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 13, 2025	In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI x->id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 ("xfrm: Duplicate SPI Handling"), we now create states and add them to the byspi list with this
CVE-2025-39964		—	< 6.4.0-150700.7.34.1	6.4.0-150700.7.34.1	Oct 13, 2025	In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes m
CVE-2025-39957		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 9, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() a
CVE-2025-39955		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 9, 2025	In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the server-side TCP Fast Ope
CVE-2023-53673	Hig	7.8	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection failed. ISO, L2CAP and SCO connections refer to the hci_conn without hci_conn_
CVE-2023-53687		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk When the best clk is searched, we iterate over all possible clk. If we find a better match, the previous one, if any, n
CVE-2023-53686		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit() We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing
CVE-2023-53681		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer derefere
CVE-2023-53676		—	< 6.4.0-150700.7.25.1	6.4.0-150700.7.25.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checkin
CVE-2023-53674		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on
CVE-2023-53672		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzbot reported several warning triggered inside lookup_inline_extent_backref(). [CAUSE] As usual, the reproducer doesn't reliably tr
CVE-2023-53670		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix dev_pm_qos memleak Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to avoid following kmemleak:- blktests (master) # kmemleak-clear; ./check nvme/044; blktests (master) # kmem
CVE-2023-53668		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading trace_pipe Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488] [...] RIP: 0010:ring_buffer_empty_cpu
CVE-2023-53666		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix missing mbhc init error handling MBHC initialisation can fail so add the missing error handling to avoid dereferencing an error pointer when later configuring the jack: Unable to
CVE-2023-53665		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence
CVE-2023-53663		—	< 6.4.0-150700.7.22.1	6.4.0-150700.7.22.1	Oct 7, 2025	In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1's MSR_AMD64_TSC_RATIO ha

CVE-2025-39970Oct 15, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for action_meta Fix condition to check 'greater or equal' to prevent OOB dereference.
CVE-2025-39969Oct 15, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix validation of VF state in get resources VF state I40E_VF_STATE_ACTIVE is not the only state in which VF is actually active so it should not be used to determine if a VF is allowed to obtain resources.
CVE-2025-39968Oct 15, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request. Add it.
CVE-2025-39967Oct 15, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcon_do_set_font Fix integer overflow vulnerabilities in fbcon_do_set_font() where font size calculations could overflow when handling user-controlled font parameters. The vulne
CVE-2025-39965Oct 13, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI x->id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 ("xfrm: Duplicate SPI Handling"), we now create states and add them to the byspi list with this
CVE-2025-39964Oct 13, 2025
affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes m
CVE-2025-39957Oct 9, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() a
CVE-2025-39955Oct 9, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the server-side TCP Fast Ope
CVE-2023-53673HigOct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection failed. ISO, L2CAP and SCO connections refer to the hci_conn without hci_conn_
CVE-2023-53687Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk When the best clk is searched, we iterate over all possible clk. If we find a better match, the previous one, if any, n
CVE-2023-53686Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit() We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing
CVE-2023-53681Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer derefere
CVE-2023-53676Oct 7, 2025
affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checkin
CVE-2023-53674Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on
CVE-2023-53672Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzbot reported several warning triggered inside lookup_inline_extent_backref(). [CAUSE] As usual, the reproducer doesn't reliably tr
CVE-2023-53670Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix dev_pm_qos memleak Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to avoid following kmemleak:- blktests (master) # kmemleak-clear; ./check nvme/044; blktests (master) # kmem
CVE-2023-53668Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading trace_pipe Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488] [...] RIP: 0010:ring_buffer_empty_cpu
CVE-2023-53666Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix missing mbhc init error handling MBHC initialisation can fail so add the missing error handling to avoid dereferencing an error pointer when later configuring the jack: Unable to
CVE-2023-53665Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence
CVE-2023-53663Oct 7, 2025
affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1's MSR_AMD64_TSC_RATIO ha

Page 44 of 105