rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38643 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() Callers of wdev_chandef() must hold the wiphy mutex. But the worker cfg80211_propagate_cac_done_wk() never takes the lock. Which triggers the wa | ||
| CVE-2025-38640 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nf_hook_run_bpf(). syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in __bpf_prog_run() fails, triggering the spla | ||
| CVE-2025-38639 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 [..] string+0x231/0x | ||
| CVE-2025-38635 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NU | ||
| CVE-2025-38634 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the power_supply_get_by_name() function may return `NULL` instead of an error pointer. To prevent po | ||
| CVE-2025-38632 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing mux_owner NULL with active mux_usecount commit 5a3e85c3c397 ("pinmux: Use sequential access to access desc->pinmux data") tried to address the issue when two client of the same gpio cal | ||
| CVE-2025-38630 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fb_modelist. If that happens, the modelist stays emp | ||
| CVE-2025-38628 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5_vdpa_free() is the single entrypoint for removing the vdpa device resources added in mlx5_vdpa_dev | ||
| CVE-2025-38624 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Clean up allocated IRQs on unplug When the root of a nested PCIe bridge configuration is unplugged, the pnv_php driver leaked the allocated IRQ resources for the child bridges' hotplug event notif | ||
| CVE-2025-38623 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug system after device removal a | ||
| CVE-2025-38622 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udp_rcv_segment() When sending a packet with virtio_net_hdr to tun device, if the gso_type in virtio_net_hdr is SKB_GSO_UDP and the gso_size is less than udphdr size, below crash may ha | ||
| CVE-2025-38621 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: make rdev_addable usable for rcu mode Our testcase trigger panic: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... Oops: Oops: 0000 [#1] SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 | ||
| CVE-2025-38618 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac | ||
| CVE-2025-38617 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a | ||
| CVE-2025-38616 | — | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i | ||
| CVE-2024-58239 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of the same type still on the queue, we will end up merging them: - process_rx_list c | ||
| CVE-2025-38614 | Med | 5.5 | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some re | |
| CVE-2025-38584 | Hig | 7.8 | < 6.4.0-150700.7.19.1 | 6.4.0-150700.7.19.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A reference count is taken at the start of the process in padata_do_parallel, and relea | |
| CVE-2025-38612 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() In the error paths after fb_info structure is successfully allocated, the memory allocated in fb_deferred_io_init() for info->pagerefs is n | ||
| CVE-2025-38610 | — | < 6.4.0-150700.7.16.1 | 6.4.0-150700.7.16.1 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() The get_pd_power_uw() function can crash with a NULL pointer dereference when em_cpu_get() returns NULL. This occurs when a CPU becomes impo |
- CVE-2025-38643Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() Callers of wdev_chandef() must hold the wiphy mutex. But the worker cfg80211_propagate_cac_done_wk() never takes the lock. Which triggers the wa
- CVE-2025-38640Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nf_hook_run_bpf(). syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in __bpf_prog_run() fails, triggering the spla
- CVE-2025-38639Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 [..] string+0x231/0x
- CVE-2025-38635Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NU
- CVE-2025-38634Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the power_supply_get_by_name() function may return `NULL` instead of an error pointer. To prevent po
- CVE-2025-38632Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing mux_owner NULL with active mux_usecount commit 5a3e85c3c397 ("pinmux: Use sequential access to access desc->pinmux data") tried to address the issue when two client of the same gpio cal
- CVE-2025-38630Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fb_modelist. If that happens, the modelist stays emp
- CVE-2025-38628Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5_vdpa_free() is the single entrypoint for removing the vdpa device resources added in mlx5_vdpa_dev
- CVE-2025-38624Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Clean up allocated IRQs on unplug When the root of a nested PCIe bridge configuration is unplugged, the pnv_php driver leaked the allocated IRQ resources for the child bridges' hotplug event notif
- CVE-2025-38623Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug system after device removal a
- CVE-2025-38622Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udp_rcv_segment() When sending a packet with virtio_net_hdr to tun device, if the gso_type in virtio_net_hdr is SKB_GSO_UDP and the gso_size is less than udphdr size, below crash may ha
- CVE-2025-38621Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: md: make rdev_addable usable for rcu mode Our testcase trigger panic: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... Oops: Oops: 0000 [#1] SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1
- CVE-2025-38618Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac
- CVE-2025-38617Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a
- CVE-2025-38616Aug 22, 2025affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was i
- CVE-2024-58239Aug 22, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of the same type still on the queue, we will end up merging them: - process_rx_list c
- affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some re
- affected < 6.4.0-150700.7.19.1fixed 6.4.0-150700.7.19.1
In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A reference count is taken at the start of the process in padata_do_parallel, and relea
- CVE-2025-38612Aug 19, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() In the error paths after fb_info structure is successfully allocated, the memory allocated in fb_deferred_io_init() for info->pagerefs is n
- CVE-2025-38610Aug 19, 2025affected < 6.4.0-150700.7.16.1fixed 6.4.0-150700.7.16.1
In the Linux kernel, the following vulnerability has been resolved: powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() The get_pd_power_uw() function can crash with a NULL pointer dereference when em_cpu_get() returns NULL. This occurs when a CPU becomes impo
Page 67 of 105