rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22107 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actu | ||
| CVE-2025-22104 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of | ||
| CVE-2025-22103 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdev_l3_rcv When delete l3s ipvlan: ip link del link eth0 ipvlan1 type ipvlan mode l3s This may cause a null pointer dereference: Call trace: ip_rcv_finish | ||
| CVE-2025-22102 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip | ||
| CVE-2025-22097 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it. | ||
| CVE-2025-22095 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PC | ||
| CVE-2025-22094 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa counters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 provided L1<->L2 context | ||
| CVE-2025-22093 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. However, it will be dereferenced in dmub_hw_lock_mgr | ||
| CVE-2025-22091 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to reg | ||
| CVE-2025-22089 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f432a521a ("RDMA/core: Split port and device counter sysfs attributes") accidentally almost exposed hw counters to non-init net namesp | ||
| CVE-2025-22088 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue. | ||
| CVE-2025-22086 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu | ||
| CVE-2025-22085 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-us | ||
| CVE-2025-22075 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but th | ||
| CVE-2025-22070 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx pare | ||
| CVE-2025-22066 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereferen | ||
| CVE-2025-22065 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via idpf_shutdown() and then again when idpf_remove() calls into sriov_disable(), be | ||
| CVE-2025-22064 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registere | ||
| CVE-2025-22063 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu | ||
| CVE-2025-22062 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for |
- CVE-2025-22107Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actu
- CVE-2025-22104Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of
- CVE-2025-22103Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdev_l3_rcv When delete l3s ipvlan: ip link del link eth0 ipvlan1 type ipvlan mode l3s This may cause a null pointer dereference: Call trace: ip_rcv_finish
- CVE-2025-22102Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip
- CVE-2025-22097Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it.
- CVE-2025-22095Apr 16, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PC
- CVE-2025-22094Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa counters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 provided L1<->L2 context
- CVE-2025-22093Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. However, it will be dereferenced in dmub_hw_lock_mgr
- CVE-2025-22091Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to reg
- CVE-2025-22089Apr 16, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f432a521a ("RDMA/core: Split port and device counter sysfs attributes") accidentally almost exposed hw counters to non-init net namesp
- CVE-2025-22088Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. Fix this issue.
- CVE-2025-22086Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow When cur_qp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bu
- CVE-2025-22085Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-us
- CVE-2025-22075Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but th
- CVE-2025-22070Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx pare
- CVE-2025-22066Apr 16, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereferen
- CVE-2025-22065Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpf_remove() twice. First via idpf_shutdown() and then again when idpf_remove() calls into sriov_disable(), be
- CVE-2025-22064Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registere
- CVE-2025-22063Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 socket, but the connect fu
- CVE-2025-22062Apr 16, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in proc_sctp_do_udp_port() We must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start() or risk a crash as syzbot reported: Oops: general protection fault, probably for
Page 99 of 105