rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP6
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6
Vulnerabilities (3,740)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-38616 | Hig | 8.2 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170_tx_release() function sometimes triggers a fortified-memset warning in my randconfig builds: In file included from include/linux/string.h:254, | |
| CVE-2024-38615 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't pre | |
| CVE-2024-38611 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_VIDEO_ET8EK8=y. When such a device gets unb | |
| CVE-2024-38610 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() Patch series "mm: follow_pte() improvements and acrn follow_pte() fixes". Patch #1 fixes a bunch of issues I spotted in the acrn driver. It compil | |
| CVE-2024-38609 | Med | 5.5 | < 6.4.0-150600.10.8.1 | 6.4.0-150600.10.8.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: connac: check for null before dereferencing The wcid can be NULL. It should be checked for validity before dereferencing it to avoid crash. | |
| CVE-2024-38608 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5e_suspend cleans resources only if netif_device_present() returns true. However, mlx5e_resume changes the state of netif, via mlx5e_nic_enable, only if reg_state == NETRE | |
| CVE-2024-38606 | Hig | 7.1 | < 6.4.0-150600.10.34.1 | 6.4.0-150600.10.34.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig | |
| CVE-2024-38605 | Hig | 8.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init The commit 81033c6b584b ("ALSA: core: Warn on empty module") introduced a WARN_ON() for a NULL module pointer passed at snd_card object creation, and | |
| CVE-2024-38604 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdev_iomap_begin blkdev_iomap_begin rounds down the offset to the logical block size before stashing it in iomap->offset and checking that it still is inside the inode size. Ch | |
| CVE-2024-38603 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() pci_alloc_irq_vectors() allocates an irq vector. When devm_add_action() fails, the irq vector is not freed, which leads to a memory leak. Repla | |
| CVE-2024-38602 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The | |
| CVE-2024-38601 | Med | 4.7 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new pag | |
| CVE-2024-38600 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, call callbacks and do sync for card->power_ref_sleep waiters at the end. The callb | |
| CVE-2024-38599 | Hig | 7.1 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the x | |
| CVE-2024-38598 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU | |
| CVE-2024-38597 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398) WARNING: CPU: | |
| CVE-2024-38596 | Med | 4.7 | < 6.4.0-150600.10.14.1 | 6.4.0-150600.10.14.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo | |
| CVE-2024-38595 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix peer devlink set for SF representor devlink port The cited patch change register devlink flow, and neglect to reflect the changes for peer devlink set logic. Peer devlink set is triggering a call | |
| CVE-2024-38594 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To addre | |
| CVE-2024-38592 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init `ddp_comp` with devm_kcalloc() In the case where `conn_routes` is true we allocate an extra slot in the `ddp_comp` array but mtk_drm_crtc_create() never seemed to initialize it in the test ca |
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170_tx_release() function sometimes triggers a fortified-memset warning in my randconfig builds: In file included from include/linux/string.h:254,
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't pre
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_VIDEO_ET8EK8=y. When such a device gets unb
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() Patch series "mm: follow_pte() improvements and acrn follow_pte() fixes". Patch #1 fixes a bunch of issues I spotted in the acrn driver. It compil
- affected < 6.4.0-150600.10.8.1fixed 6.4.0-150600.10.8.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: connac: check for null before dereferencing The wcid can be NULL. It should be checked for validity before dereferencing it to avoid crash.
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5e_suspend cleans resources only if netif_device_present() returns true. However, mlx5e_resume changes the state of netif, via mlx5e_nic_enable, only if reg_state == NETRE
- affected < 6.4.0-150600.10.34.1fixed 6.4.0-150600.10.34.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init The commit 81033c6b584b ("ALSA: core: Warn on empty module") introduced a WARN_ON() for a NULL module pointer passed at snd_card object creation, and
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdev_iomap_begin blkdev_iomap_begin rounds down the offset to the logical block size before stashing it in iomap->offset and checking that it still is inside the inode size. Ch
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() pci_alloc_irq_vectors() allocates an irq vector. When devm_add_action() fails, the irq vector is not freed, which leads to a memory leak. Repla
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new pag
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, call callbacks and do sync for card->power_ref_sleep waiters at the end. The callb
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the x
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398) WARNING: CPU:
- affected < 6.4.0-150600.10.14.1fixed 6.4.0-150600.10.14.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix peer devlink set for SF representor devlink port The cited patch change register devlink flow, and neglect to reflect the changes for peer devlink set logic. Peer devlink set is triggering a call
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To addre
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init `ddp_comp` with devm_kcalloc() In the case where `conn_routes` is true we allocate an extra slot in the `ddp_comp` array but mtk_drm_crtc_create() never seemed to initialize it in the test ca
Page 149 of 187