rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54291 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vduse_vdpa_set_vq_affinity callback can be called with NULL value as cpu_mask when deleting the vduse device. This patch resets virtqueue's IRQ affinity mask value to set al | ||
| CVE-2023-54289 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues() warn: missing unwind goto? At this point in the function, nothing has been all | ||
| CVE-2023-54283 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpf_lru_list KCSAN reported a data-race when accessing node->ref. Although node->ref does not have to be accurate, take this chance to use a more common READ_ONCE() and WRITE_ONCE() | ||
| CVE-2023-54282 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUG_ON with a regular error BUG_ON is unnecessary here, and in addition it confuses smatch. Replacing this with an error return help resolve this smatch warning: drivers/media/tu | ||
| CVE-2023-54281 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfs_iget() to get an inode reference while we are holding on a root's btree. If btrfs_iget | ||
| CVE-2023-54278 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 ("s390/mm: start kernel with DAT enabled") the kernel crashes early during boot when debug pagealloc is enabled: mem auto-init: | ||
| CVE-2023-54276 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net Commit f5f9d4a314da ("nfsd: move reply cache initialization into nfsd startup") moved the initialization of the reply cache into nfsd s | ||
| CVE-2023-54271 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: | ||
| CVE-2023-54267 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT lppaca_shared_proc() takes a pointer to the lppaca which is typically accessed through get_lppaca(). With DEBUG_PREEMPT enabled, this leads t | ||
| CVE-2023-54266 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920x_read | ||
| CVE-2023-54264 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sb_getblk(inode->i_sb, parent) return a null ptr and taking lock on that leads to the null-ptr-deref bug. | ||
| CVE-2023-54263 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders. | ||
| CVE-2023-54261 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqd_stride function was introduced in commit 2f77b9a242a2 ("drm/amdkfd: Update MQD management on multi XCC setup") but not assigned for gfx11. Fixes a NULL de | ||
| CVE-2023-54258 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifs_oplock_break With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplock_response(), this c | ||
| CVE-2023-54255 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: sh: dma: Fix DMA channel offset calculation Various SoCs of the SH3, SH4 and SH4A family, which use this driver, feature a differing number of DMA channels, which can be distributed between up to two DMAC modul | ||
| CVE-2023-54254 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on eviction error On eviction errors other than -EMULTIHOP we were leaking a resource. Fix. v2: - Avoid yet another goto (Andi Shyti) | ||
| CVE-2023-54253 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page One of the CI runs triggered the following panic assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 -------- | ||
| CVE-2023-54251 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() called from get_cycle_time_elapsed(), where sched->cycle_time is the divisor. We h | ||
| CVE-2023-54247 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btf_type_id_size() syzbot reported a warning in [1] with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btf_type_id_size+0x2d9/0x9d0 kernel/bpf/btf.c:19 | ||
| CVE-2023-54246 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeou |
- CVE-2023-54291Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: vduse: fix NULL pointer dereference vduse_vdpa_set_vq_affinity callback can be called with NULL value as cpu_mask when deleting the vduse device. This patch resets virtqueue's IRQ affinity mask value to set al
- CVE-2023-54289Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues() warn: missing unwind goto? At this point in the function, nothing has been all
- CVE-2023-54283Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpf_lru_list KCSAN reported a data-race when accessing node->ref. Although node->ref does not have to be accurate, take this chance to use a more common READ_ONCE() and WRITE_ONCE()
- CVE-2023-54282Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUG_ON with a regular error BUG_ON is unnecessary here, and in addition it confuses smatch. Replacing this with an error return help resolve this smatch warning: drivers/media/tu
- CVE-2023-54281Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfs_iget() to get an inode reference while we are holding on a root's btree. If btrfs_iget
- CVE-2023-54278Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 ("s390/mm: start kernel with DAT enabled") the kernel crashes early during boot when debug pagealloc is enabled: mem auto-init:
- CVE-2023-54276Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net Commit f5f9d4a314da ("nfsd: move reply cache initialization into nfsd startup") moved the initialization of the reply cache into nfsd s
- CVE-2023-54271Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP:
- CVE-2023-54267Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT lppaca_shared_proc() takes a pointer to the lppaca which is typically accessed through get_lppaca(). With DEBUG_PREEMPT enabled, this leads t
- CVE-2023-54266Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920x_read
- CVE-2023-54264Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sb_getblk(inode->i_sb, parent) return a null ptr and taking lock on that leads to the null-ptr-deref bug.
- CVE-2023-54263Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders.
- CVE-2023-54261Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqd_stride function was introduced in commit 2f77b9a242a2 ("drm/amdkfd: Update MQD management on multi XCC setup") but not assigned for gfx11. Fixes a NULL de
- CVE-2023-54258Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifs_oplock_break With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplock_response(), this c
- CVE-2023-54255Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: sh: dma: Fix DMA channel offset calculation Various SoCs of the SH3, SH4 and SH4A family, which use this driver, feature a differing number of DMA channels, which can be distributed between up to two DMAC modul
- CVE-2023-54254Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on eviction error On eviction errors other than -EMULTIHOP we were leaking a resource. Fix. v2: - Avoid yet another goto (Andi Shyti)
- CVE-2023-54253Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page One of the CI runs triggered the following panic assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 --------
- CVE-2023-54251Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() called from get_cycle_time_elapsed(), where sched->cycle_time is the divisor. We h
- CVE-2023-54247Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btf_type_id_size() syzbot reported a warning in [1] with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btf_type_id_size+0x2d9/0x9d0 kernel/bpf/btf.c:19
- CVE-2023-54246Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeou
Page 16 of 105