rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53179 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calcul | ||
| CVE-2023-53177 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: hi846: fix usage of pm_runtime_get_if_in_use() pm_runtime_get_if_in_use() does not only return nonzero values when the device is in use, it can return a negative errno too. And especially during resumin | ||
| CVE-2023-53175 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix a crash in hv_pci_restore_msi_msg() during hibernation When a Linux VM with an assigned PCI device runs on Hyper-V, if the PCI device driver is not loaded yet (i.e. MSI-X/MSI is not enabled on the | ||
| CVE-2023-53174 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to | ||
| CVE-2023-53170 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: Removed unneeded of_node_put in felix_parse_ports_node Remove unnecessary of_node_put from the continue path to prevent child node from being released twice, which could avoid resource leak or other u | ||
| CVE-2023-53167 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracing_err_log_open() Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which res | ||
| CVE-2023-53165 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. | ||
| CVE-2023-53152 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. [61811.4 | ||
| CVE-2023-53151 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause s | ||
| CVE-2023-53150 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref | ||
| CVE-2023-53148 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between t | ||
| CVE-2023-53147 | — | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(... | ||
| CVE-2022-50253 | — | < 6.4.0-150700.7.25.1 | 6.4.0-150700.7.25.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbu | ||
| CVE-2025-39801 | Med | 5.5 | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARN_ON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout which causes kernel panic due to warn when 'panic_on_warn' is enabled and unnecess | |
| CVE-2025-39800 | Med | 5.5 | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() If we find an unexpected generation for the extent buffer we are cloning at btrfs_copy_root(), we just WARN_ON() and don't error out and | |
| CVE-2025-39798 | Med | 5.5 | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for a | |
| CVE-2025-39794 | Med | 5.5 | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: tegra: Use I/O memcpy to write to IRAM Kasan crashes the kernel trying to check boundaries when using the normal memcpy. | |
| CVE-2025-39797 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Sep 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI Netlink message, which triggers the kernel function xfrm_alloc_spi(). This function is expected to ensure uniquen | ||
| CVE-2025-40300 | Med | 5.5 | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already | |
| CVE-2025-39790 | Hig | 7.8 | < 6.4.0-150700.7.22.1 | 6.4.0-150700.7.22.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the T |
- CVE-2023-53179Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calcul
- CVE-2023-53177Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: media: hi846: fix usage of pm_runtime_get_if_in_use() pm_runtime_get_if_in_use() does not only return nonzero values when the device is in use, it can return a negative errno too. And especially during resumin
- CVE-2023-53175Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix a crash in hv_pci_restore_msi_msg() during hibernation When a Linux VM with an assigned PCI device runs on Hyper-V, if the PCI device driver is not loaded yet (i.e. MSI-X/MSI is not enabled on the
- CVE-2023-53174Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to
- CVE-2023-53170Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Removed unneeded of_node_put in felix_parse_ports_node Remove unnecessary of_node_put from the continue path to prevent child node from being released twice, which could avoid resource leak or other u
- CVE-2023-53167Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracing_err_log_open() Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which res
- CVE-2023-53165Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer.
- CVE-2023-53152Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. [61811.4
- CVE-2023-53151Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause s
- CVE-2023-53150Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref
- CVE-2023-53148Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between t
- CVE-2023-53147Sep 15, 2025affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(...
- CVE-2022-50253Sep 15, 2025affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbu
- affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARN_ON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout which causes kernel panic due to warn when 'panic_on_warn' is enabled and unnecess
- affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() If we find an unexpected generation for the extent buffer we are cloning at btrfs_copy_root(), we just WARN_ON() and don't error out and
- affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for a
- affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: ARM: tegra: Use I/O memcpy to write to IRAM Kasan crashes the kernel trying to check boundaries when using the normal memcpy.
- CVE-2025-39797Sep 12, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI Netlink message, which triggers the kernel function xfrm_alloc_spi(). This function is expected to ensure uniquen
- affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already
- affected < 6.4.0-150700.7.22.1fixed 6.4.0-150700.7.22.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the T
Page 60 of 105