rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP6
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6
Vulnerabilities (3,740)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52645 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a ra | ||
| CVE-2024-26906 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() When trying to use copy_from_kernel_nofault() to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to h | |
| CVE-2024-26903 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no | |
| CVE-2024-26901 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. [1] "BUG: KMSAN: kernel-i | |
| CVE-2024-26889 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than that strcpy would attempt to write past its size, so this fixe | |
| CVE-2024-26885 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of two of the max_entries value provided when creating the map. When rounding up to t | |
| CVE-2024-26884 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. Ho | |
| CVE-2024-26883 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. | |
| CVE-2024-26882 | Hig | 7.8 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd ("ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()") 1ca1ba465e55 ("geneve: m | |
| CVE-2024-26878 | Med | 4.7 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode) | |
| CVE-2024-26870 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 A call to listxattr() with a buffer size = 0 returns the actual size of the buffer needed for a subsequent call. When size > 0, nfs4_listxattr() does | |
| CVE-2024-26863 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0 | |
| CVE-2024-26861 | Med | 4.7 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter Syzkaller with KCSAN identified a data-race issue when accessing keypair->receiving_counter.counter. Use READ_ONCE() and WRITE_ONCE() anno | |
| CVE-2024-26855 | Med | 5.5 | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() The function ice_bridge_setlink() may encounter a NULL pointer dereference if nlmsg_find_attr() returns NULL and br_spec is dereferenced | |
| CVE-2024-26851 | Med | 5.5 | < 6.4.0-150600.10.8.1 | 6.4.0-150600.10.8.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux get_bitmap( | |
| CVE-2024-26849 | Med | 5.5 | < 6.4.0-150600.10.8.1 | 6.4.0-150600.10.8.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/nlattr.c:336 [inline] BUG: | |
| CVE-2024-26909 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issu | ||
| CVE-2024-26900 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 (size 49152): comm "m | ||
| CVE-2024-26899 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bd_link_disk_holder and partition scan 'open_mutex' of gendisk is used to protect open/close block devices. But in bd_link_disk_holder(), it is used to protect the creation of symlin | ||
| CVE-2024-26881 | — | < 6.4.0-150600.10.5.1 | 6.4.0-150600.10.5.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD |
- CVE-2023-52645Apr 17, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a ra
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() When trying to use copy_from_kernel_nofault() to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to h
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. [1] "BUG: KMSAN: kernel-i
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than that strcpy would attempt to write past its size, so this fixe
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of two of the max_entries value provided when creating the map. When rounding up to t
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. Ho
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0.
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd ("ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()") 1ca1ba465e55 ("geneve: m
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode)
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 A call to listxattr() with a buffer size = 0 returns the actual size of the buffer needed for a subsequent call. When size > 0, nfs4_listxattr() does
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter Syzkaller with KCSAN identified a data-race issue when accessing keypair->receiving_counter.counter. Use READ_ONCE() and WRITE_ONCE() anno
- affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() The function ice_bridge_setlink() may encounter a NULL pointer dereference if nlmsg_find_attr() returns NULL and br_spec is dereferenced
- affected < 6.4.0-150600.10.8.1fixed 6.4.0-150600.10.8.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux get_bitmap(
- affected < 6.4.0-150600.10.8.1fixed 6.4.0-150600.10.8.1
In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/nlattr.c:336 [inline] BUG:
- CVE-2024-26909Apr 17, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issu
- CVE-2024-26900Apr 17, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 (size 49152): comm "m
- CVE-2024-26899Apr 17, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bd_link_disk_holder and partition scan 'open_mutex' of gendisk is used to protect open/close block devices. But in bd_link_disk_holder(), it is used to protect the creation of symlin
- CVE-2024-26881Apr 17, 2024affected < 6.4.0-150600.10.5.1fixed 6.4.0-150600.10.5.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD
Page 180 of 187