VYPR

rpm package

suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7

pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Vulnerabilities (2,100)

  • CVE-2024-58001Feb 27, 2025
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;-) So I've redone it as ind

  • CVE-2025-21720Feb 27, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled by hardware have added secpath as a way to inform XFRM core code that this path was already handled. That secpath is not needed at

  • CVE-2025-21713Feb 27, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Don't unset window if it was never set On pSeries, when user attempts to use the same vfio container used by different iommu group, the spapr_tce_set_window() returns -EPERM and the subse

  • CVE-2025-21710Feb 27, 2025
    affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "pasta" protocol splicer has revealed a problem in the way tcp handles window advertising in extreme memory squeeze situations. Und

  • CVE-2025-21707Feb 27, 2025
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the

  • CVE-2024-57998Feb 27, 2025
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed v

  • CVE-2024-57995Feb 27, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio, it gets deleted from that radio through a call to ath12

  • CVE-2024-57988Feb 27, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board

  • CVE-2024-57987Feb 27, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oop

  • CVE-2024-57982Feb 27, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrm_state_hash_generation seqlock ensures a retry, but the hash functions can observe a hmask value that is too lar

  • CVE-2025-21702HigFeb 18, 2025
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one

  • CVE-2025-21683MedJan 31, 2025
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport() memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF set before it

  • CVE-2024-57947Jan 23, 2025
    affected < 6.4.0-150700.7.13.1fixed 6.4.0-150700.7.13.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea

  • CVE-2025-21658Jan 21, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dere

  • CVE-2025-21648MedJan 19, 2025
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing has

  • CVE-2025-21629Jan 15, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIF_F_IPV6_CSUM, based on the definition

  • CVE-2024-49568Jan 11, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields v2_ext_offset/ eid_cnt/ism_gid_cnt in proposal msg are from the remote client and c

  • CVE-2024-56742Dec 29, 2024
    affected < 6.4.0-150700.7.13.1fixed 6.4.0-150700.7.13.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed t

  • CVE-2024-56721Dec 29, 2024
    affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

    In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it ende

  • CVE-2024-56702Dec 28, 2024
    affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Mark raw_tp arguments with PTR_MAYBE_NULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint ar

Page 103 of 105