rpm package
suse/kernel-rt_debug&distro=SUSE Real Time Module 15 SP6
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6
Vulnerabilities (3,740)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-38544 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkts queue and then a decision is made whether to run the completer task inline or s | ||
| CVE-2024-38543 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if the physical memory has run out. As a result, if src_pfns or dst_pfns is derefe | ||
| CVE-2024-38541 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not | ||
| CVE-2024-38540 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Undefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called with hwq_attr->aux_depth != 0 and hwq_attr->aux_stride == 0. In that | ||
| CVE-2024-38539 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (memp | ||
| CVE-2024-38538 | — | < 6.4.0-150600.10.14.1 | 6.4.0-150600.10.14.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we | ||
| CVE-2024-36979 | — | < 6.4.0-150600.10.8.3 | 6.4.0-150600.10.8.3 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same | ||
| CVE-2024-36978 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw | |
| CVE-2024-36977 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3_usb3 >= 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because | ||
| CVE-2024-36975 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2. | ||
| CVE-2024-36973 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_r | ||
| CVE-2024-36972 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Billy Jheng Bing-Jhong reported a race between __unix_gc() and queue_oob(). __unix_gc() tries to garbage-collect close()d inflight sockets, and | ||
| CVE-2024-36971 | — | KEV | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca | |
| CVE-2024-36970 | — | < 6.4.0-150600.10.8.3 | 6.4.0-150600.10.8.3 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it somethin | ||
| CVE-2024-36969 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves | ||
| CVE-2024-36968 | — | < 6.4.0-150600.10.20.1 | 6.4.0-150600.10.20.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. Move MTU from hci_dev | ||
| CVE-2024-36967 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case. | ||
| CVE-2024-36965 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size th | ||
| CVE-2024-36964 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s | ||
| CVE-2024-36962 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from n |
- CVE-2024-38544Jun 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkts queue and then a decision is made whether to run the completer task inline or s
- CVE-2024-38543Jun 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if the physical memory has run out. As a result, if src_pfns or dst_pfns is derefe
- CVE-2024-38541Jun 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not
- CVE-2024-38540Jun 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Undefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called with hwq_attr->aux_depth != 0 and hwq_attr->aux_stride == 0. In that
- CVE-2024-38539Jun 19, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (memp
- CVE-2024-38538Jun 19, 2024affected < 6.4.0-150600.10.14.1fixed 6.4.0-150600.10.14.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we
- CVE-2024-36979Jun 19, 2024affected < 6.4.0-150600.10.8.3fixed 6.4.0-150600.10.8.3
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw
- CVE-2024-36977Jun 18, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3_usb3 >= 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because
- CVE-2024-36975Jun 18, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2.
- CVE-2024-36973Jun 17, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_r
- CVE-2024-36972Jun 10, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Billy Jheng Bing-Jhong reported a race between __unix_gc() and queue_oob(). __unix_gc() tries to garbage-collect close()d inflight sockets, and
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca
- CVE-2024-36970Jun 8, 2024affected < 6.4.0-150600.10.8.3fixed 6.4.0-150600.10.8.3
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it somethin
- CVE-2024-36969Jun 8, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves
- CVE-2024-36968Jun 8, 2024affected < 6.4.0-150600.10.20.1fixed 6.4.0-150600.10.20.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. Move MTU from hci_dev
- CVE-2024-36967Jun 8, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case.
- CVE-2024-36965Jun 8, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size th
- CVE-2024-36964Jun 3, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s
- CVE-2024-36962Jun 3, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in its IRQ handler to avoid triggering net_rx_action() softirq on exit from n
Page 152 of 187