rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,202)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-58015 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible ou | ||
| CVE-2024-58004 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: remove cpu latency qos request on error Fix cpu latency qos list corruption like below. It happens when we do not remove cpu latency request on error path and free corresponding memory. [ | ||
| CVE-2024-58001 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;-) So I've redone it as ind | ||
| CVE-2025-21720 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled by hardware have added secpath as a way to inform XFRM core code that this path was already handled. That secpath is not needed at | ||
| CVE-2025-21713 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Don't unset window if it was never set On pSeries, when user attempts to use the same vfio container used by different iommu group, the spapr_tce_set_window() returns -EPERM and the subse | ||
| CVE-2025-21710 | — | < 6.4.0-150700.7.25.1 | 6.4.0-150700.7.25.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "pasta" protocol splicer has revealed a problem in the way tcp handles window advertising in extreme memory squeeze situations. Und | ||
| CVE-2025-21707 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the | ||
| CVE-2024-57998 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed v | ||
| CVE-2024-57995 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio, it gets deleted from that radio through a call to ath12 | ||
| CVE-2024-57988 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board | ||
| CVE-2024-57987 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oop | ||
| CVE-2024-57982 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Feb 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrm_state_hash_generation seqlock ensures a retry, but the hash functions can observe a hmask value that is too lar | ||
| CVE-2025-21702 | Hig | 7.8 | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Feb 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one | |
| CVE-2025-21683 | Med | 5.5 | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Jan 31, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport() memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF set before it | |
| CVE-2024-57947 | — | < 6.4.0-150700.7.13.1 | 6.4.0-150700.7.13.1 | Jan 23, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea | ||
| CVE-2025-21658 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Jan 21, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dere | ||
| CVE-2025-21648 | Med | 5.5 | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | Jan 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing has | |
| CVE-2025-21629 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIF_F_IPV6_CSUM, based on the definition | ||
| CVE-2024-49568 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | Jan 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields v2_ext_offset/ eid_cnt/ism_gid_cnt in proposal msg are from the remote client and c | ||
| CVE-2024-56742 | — | < 6.4.0-150700.7.13.1 | 6.4.0-150700.7.13.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed t |
- CVE-2024-58015Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible ou
- CVE-2024-58004Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: remove cpu latency qos request on error Fix cpu latency qos list corruption like below. It happens when we do not remove cpu latency request on error path and free corresponding memory. [
- CVE-2024-58001Feb 27, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;-) So I've redone it as ind
- CVE-2025-21720Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled by hardware have added secpath as a way to inform XFRM core code that this path was already handled. That secpath is not needed at
- CVE-2025-21713Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Don't unset window if it was never set On pSeries, when user attempts to use the same vfio container used by different iommu group, the spapr_tce_set_window() returns -EPERM and the subse
- CVE-2025-21710Feb 27, 2025affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1
In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "pasta" protocol splicer has revealed a problem in the way tcp handles window advertising in extreme memory squeeze situations. Und
- CVE-2025-21707Feb 27, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the
- CVE-2024-57998Feb 27, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed v
- CVE-2024-57995Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio, it gets deleted from that radio through a call to ath12
- CVE-2024-57988Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board
- CVE-2024-57987Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oop
- CVE-2024-57982Feb 27, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrm_state_hash_generation seqlock ensures a retry, but the hash functions can observe a hmask value that is too lar
- affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one
- affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport() memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF set before it
- CVE-2024-57947Jan 23, 2025affected < 6.4.0-150700.7.13.1fixed 6.4.0-150700.7.13.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
- CVE-2025-21658Jan 21, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dere
- affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing has
- CVE-2025-21629Jan 15, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIF_F_IPV6_CSUM, based on the definition
- CVE-2024-49568Jan 11, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields v2_ext_offset/ eid_cnt/ism_gid_cnt in proposal msg are from the remote client and c
- CVE-2024-56742Dec 29, 2024affected < 6.4.0-150700.7.13.1fixed 6.4.0-150700.7.13.1
In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed t
Page 108 of 111