suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7

Vulnerabilities (2,100)

• CVE-2025-71135Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() The variable mddev->private is first assigned to conf and then checked: conf = mddev->private; if (!conf) ... If conf is

• CVE-2025-71133Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event irdma_net_event() should not dereference anything from "neigh" (alias "ptr") until it has checked that the event is NETEVENT_NEIGH_UPDATE. Other events come wit

• CVE-2025-71132Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPT_RT When smc91x.c is built with PREEMPT_RT, the following splat occurs in FVP_RevC: [ 13.055000] smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 [

• CVE-2025-71131Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it ret

• CVE-2025-71130Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb->vma[i].vma pointers

• CVE-2025-71126Jan 14, 2026
  affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1

  In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme #1 Not tainted -------------------------

• CVE-2025-71125Jan 14, 2026
  affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer w

• CVE-2025-71123Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 ("string.h: Introduce me

• CVE-2025-71120Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres

• CVE-2025-71119Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Wakin

• CVE-2025-71118Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if start_node is NULL Although commit 0c9992315e73 ("ACPICA: Avoid walking the ACPI Namespace if it is not there") fixed the situation when both start_node and acpi_gbl_root_

• CVE-2025-71116Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encoded length of ceph_pg_pool envelope is less than what is expected for a particular

• CVE-2025-71114Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: via_wdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocate_resource() to reserve a MMIO region for the watchdog control register. However, the allocated resource wa

• CVE-2025-71113Jan 14, 2026
  affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, relying on callers to set fields explicitl

• CVE-2025-71112Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_V

• CVE-2025-71111Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU The macro FAN_FROM_REG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Che

• CVE-2025-71108Jan 14, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to

• CVE-2025-71104Jan 14, 2026
  affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expirat

• CVE-2025-71089HigJan 13, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing (SVA).

• CVE-2025-71066Jan 13, 2026
  affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change zdi-disclosures@trendmicro.com says: The vulnerability is a race condition between `ets_qdisc_dequeue` and `ets_qdisc_ch