rpm package
suse/kernel-rt_debug&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (118)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22094 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa counters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 provided L1<->L2 context | ||
| CVE-2025-22093 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. However, it will be dereferenced in dmub_hw_lock_mgr | ||
| CVE-2025-22091 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to reg | ||
| CVE-2025-22088 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue. | ||
| CVE-2025-22086 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu | ||
| CVE-2025-22085 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-us | ||
| CVE-2025-22075 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but th | ||
| CVE-2025-22070 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx pare | ||
| CVE-2025-22065 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via idpf_shutdown() and then again when idpf_remove() calls into sriov_disable(), be | ||
| CVE-2025-22064 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registere | ||
| CVE-2025-22063 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu | ||
| CVE-2025-22062 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for | ||
| CVE-2025-22058 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional | ||
| CVE-2025-22057 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dst_release Upstream fix ac888d58869b ("net: do not delay dst_entries_add() in dst_release()") moved decrementing the dst count from dst_destroy to dst_release to avoid acce | ||
| CVE-2025-22056 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence | ||
| CVE-2025-22050 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. This incons | ||
| CVE-2025-22044 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl Syzkaller has reported a warning in to_nfit_bus_uuid(): "only secondary bus families can be translated". This warning is emited if the argument is equal to | ||
| CVE-2025-22033 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in do_compat_alignment_fixup() do_alignment_t32_to_handler() only fixes up alignment faults for specific instructions; it returns NULL otherwise (e.g. LDREX). When that's the case, signal | ||
| CVE-2025-22030 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_l | ||
| CVE-2025-22027 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function ir_raw_event_store_with_filter(). This crash is caused by a NULL pointer de |
- CVE-2025-22094Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa counters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 provided L1<->L2 context
- CVE-2025-22093Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. However, it will be dereferenced in dmub_hw_lock_mgr
- CVE-2025-22091Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to reg
- CVE-2025-22088Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue.
- CVE-2025-22086Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu
- CVE-2025-22085Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-us
- CVE-2025-22075Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but th
- CVE-2025-22070Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx pare
- CVE-2025-22065Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via idpf_shutdown() and then again when idpf_remove() calls into sriov_disable(), be
- CVE-2025-22064Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registere
- CVE-2025-22063Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu
- CVE-2025-22062Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for
- CVE-2025-22058Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional
- CVE-2025-22057Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in dst_release Upstream fix ac888d58869b ("net: do not delay dst_entries_add() in dst_release()") moved decrementing the dst count from dst_destroy to dst_release to avoid acce
- CVE-2025-22056Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence
- CVE-2025-22050Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. This incons
- CVE-2025-22044Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl Syzkaller has reported a warning in to_nfit_bus_uuid(): "only secondary bus families can be translated". This warning is emited if the argument is equal to
- CVE-2025-22033Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in do_compat_alignment_fixup() do_alignment_t32_to_handler() only fixes up alignment faults for specific instructions; it returns NULL otherwise (e.g. LDREX). When that's the case, signal
- CVE-2025-22030Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_l
- CVE-2025-22027Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function ir_raw_event_store_with_filter(). This crash is caused by a NULL pointer de
Page 4 of 6