rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP6
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6
Vulnerabilities (3,740)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-47210 | Med | 4.7 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 16, 2024 | Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |
| CVE-2023-38417 | Med | 4.3 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 16, 2024 | Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |
| CVE-2024-27397 | Hig | 7.0 | < 6.4.0-150600.10.23.1 | 6.4.0-150600.10.23.1 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate | |
| CVE-2024-27396 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU gr | |
| CVE-2024-27395 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible | |
| CVE-2023-52656 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of it. | ||
| CVE-2024-27401 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length, | ||
| CVE-2024-27400 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that after the move the old location | ||
| CVE-2024-27399 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be | ||
| CVE-2024-27393 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed | ||
| CVE-2024-27389 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0 | |
| CVE-2024-27065 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags. | |
| CVE-2024-27025 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code. | |
| CVE-2024-27024 | Hig | 7.8 | < 6.4.0-150600.10.8.3 | 6.4.0-150600.10.8.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr(). | |
| CVE-2024-27388 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. | ||
| CVE-2024-27080 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario | ||
| CVE-2024-27079 | — | < 6.4.0-150600.10.8.3 | 6.4.0-150600.10.8.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle | ||
| CVE-2024-27067 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DEBUG_SHIRQ. This might cau | ||
| CVE-2024-27064 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch fixes it by moving nft_s | ||
| CVE-2023-52653 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error |
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
- affected < 6.4.0-150600.10.23.1fixed 6.4.0-150600.10.23.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU gr
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible
- CVE-2023-52656May 13, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of it.
- CVE-2024-27401May 13, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length,
- CVE-2024-27400May 13, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that after the move the old location
- CVE-2024-27399May 13, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be
- CVE-2024-27393May 9, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.
- affected < 6.4.0-150600.10.8.3fixed 6.4.0-150600.10.8.3
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr().
- CVE-2024-27388May 1, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.
- CVE-2024-27080May 1, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario
- CVE-2024-27079May 1, 2024affected < 6.4.0-150600.10.8.3fixed 6.4.0-150600.10.8.3
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle
- CVE-2024-27067May 1, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DEBUG_SHIRQ. This might cau
- CVE-2024-27064May 1, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch fixes it by moving nft_s
- CVE-2023-52653May 1, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error
Page 175 of 187