rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53662 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} If the filename casefolding fails, we'll be leaking memory from the fscrypt_name struct, namely from the 'crypto_buf.name' member. Make sure | ||
| CVE-2023-53660 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptr_ring The following warning was reported when running xdp_redirect_cpu with both skb-mode and stress-mode enabled: ------------[ cut here ]------------ Inco | ||
| CVE-2023-53659 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done would be timeout, then returned with error but changed num_active_queues directly, | ||
| CVE-2023-53658 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the driver will just early exit in probe but still return success. Apart from not do | ||
| CVE-2023-53657 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: Don't tx before switchdev is fully configured There is possibility that ice_eswitch_port_start_xmit might be called while some resources are still not allocated which might cause NULL pointer dereference. | ||
| CVE-2023-53656 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown The driver needs to migrate the perf context if the current using CPU going to teardown. By the time calling the cpuhp::teardown() callback th | ||
| CVE-2023-53654 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation before accessing cgx and lmac with the addition of new MAC blocks like CN10K RPM and CN10KB RPM_USX, LMACs are noncontiguous and CGX blocks are also noncontiguous. But during RVU dr | ||
| CVE-2023-53653 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: amphion: fix REVERSE_INULL issues reported by coverity null-checking of a pointor is suggested before dereferencing it | ||
| CVE-2023-53652 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produc | ||
| CVE-2023-53650 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak. | ||
| CVE-2023-53649 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel->priv area In 3cb4d5e00e037c70 ("perf trace: Free syscall tp fields in evsel->priv") it only was freeing if strcmp(evsel->tp_format->system, "syscalls") returned zero, while th | ||
| CVE-2023-53648 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant a | ||
| CVE-2023-53647 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI | ||
| CVE-2023-53646 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: add sentinel to xehp_oa_b_counters Arrays passed to reg_in_range_table should end with empty record. The patch solves KASAN detected bug with signature: BUG: KASAN: global-out-of-bounds in xehp_ | ||
| CVE-2023-53645 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpf_refcount series [0], specifically that the BPF program calling bpf_refcount_acquire | ||
| CVE-2023-53638 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: octeon_ep: cancel queued works in probe error path If it fails to get the devices's MAC address, octep_probe exits while leaving the delayed work intr_poll_task queued. When the work later runs, it's a use afte | ||
| CVE-2023-53633 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix a leak in map_user_pages() If get_user_pages_fast() allocates some pages but not as many as we wanted, then the current code leaks those pages. Call put_page() on the pages before returning. | ||
| CVE-2023-53632 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take RTNL lock when needed before calling xdp_set_features() Hold RTNL lock when calling xdp_set_features() with a registered netdev, as the call triggers the netdev notifiers. This could happen when | ||
| CVE-2023-53631 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobject_p | ||
| CVE-2023-53622 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_ |
- CVE-2023-53662Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} If the filename casefolding fails, we'll be leaking memory from the fscrypt_name struct, namely from the 'crypto_buf.name' member. Make sure
- CVE-2023-53660Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptr_ring The following warning was reported when running xdp_redirect_cpu with both skb-mode and stress-mode enabled: ------------[ cut here ]------------ Inco
- CVE-2023-53659Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done would be timeout, then returned with error but changed num_active_queues directly,
- CVE-2023-53658Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the driver will just early exit in probe but still return success. Apart from not do
- CVE-2023-53657Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: ice: Don't tx before switchdev is fully configured There is possibility that ice_eswitch_port_start_xmit might be called while some resources are still not allocated which might cause NULL pointer dereference.
- CVE-2023-53656Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown The driver needs to migrate the perf context if the current using CPU going to teardown. By the time calling the cpuhp::teardown() callback th
- CVE-2023-53654Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation before accessing cgx and lmac with the addition of new MAC blocks like CN10K RPM and CN10KB RPM_USX, LMACs are noncontiguous and CGX blocks are also noncontiguous. But during RVU dr
- CVE-2023-53653Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: media: amphion: fix REVERSE_INULL issues reported by coverity null-checking of a pointor is suggested before dereferencing it
- CVE-2023-53652Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produc
- CVE-2023-53650Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak.
- CVE-2023-53649Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel->priv area In 3cb4d5e00e037c70 ("perf trace: Free syscall tp fields in evsel->priv") it only was freeing if strcmp(evsel->tp_format->system, "syscalls") returned zero, while th
- CVE-2023-53648Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant a
- CVE-2023-53647Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI
- CVE-2023-53646Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: add sentinel to xehp_oa_b_counters Arrays passed to reg_in_range_table should end with empty record. The patch solves KASAN detected bug with signature: BUG: KASAN: global-out-of-bounds in xehp_
- CVE-2023-53645Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpf_refcount series [0], specifically that the BPF program calling bpf_refcount_acquire
- CVE-2023-53638Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: octeon_ep: cancel queued works in probe error path If it fails to get the devices's MAC address, octep_probe exits while leaving the delayed work intr_poll_task queued. When the work later runs, it's a use afte
- CVE-2023-53633Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix a leak in map_user_pages() If get_user_pages_fast() allocates some pages but not as many as we wanted, then the current code leaks those pages. Call put_page() on the pages before returning.
- CVE-2023-53632Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take RTNL lock when needed before calling xdp_set_features() Hold RTNL lock when calling xdp_set_features() with a registered netdev, as the call triggers the netdev notifiers. This could happen when
- CVE-2023-53631Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobject_p
- CVE-2023-53622Oct 7, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_
Page 45 of 105