rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54241 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 ("MIPS: Remove KVM_TE support") we get a NULL pointer dereference when creating a KVM guest: [ 146.243409] Starting KVM with MIPS | ||
| CVE-2023-54240 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() rule_locs is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt need | ||
| CVE-2023-54235 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was observed in testing: ODEBUG: free active (active state 0) object: 0000000097d23782 object type: work_struct hint: doe_statemachi | ||
| CVE-2023-54230 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By us | ||
| CVE-2023-54229 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: | ||
| CVE-2023-54227 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs | ||
| CVE-2023-54225 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a c | ||
| CVE-2023-54224 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to inser | ||
| CVE-2023-54223 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDP_REDIRECT path, and then once again in | ||
| CVE-2023-54221 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line | ||
| CVE-2023-54220 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading | ||
| CVE-2023-54219 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. --------- | ||
| CVE-2023-54215 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs() Free the cpumask allocated by create_affinity_masks() before returning from the function. | ||
| CVE-2023-54211 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix warning in trace_buffered_event_disable() Warning happened in trace_buffered_event_disable() at WARN_ON_ONCE(!trace_buffered_event_ref) Call Trace: ? __warn+0xa5/0x1b0 ? trace_buffered_e | ||
| CVE-2023-54210 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() KASAN reports that there's a use-after-free in hci_remove_adv_monitor(). Trawling through the disassembly, you can see that the comp | ||
| CVE-2023-54209 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b ("block: remove per-disk debugfs files in blk_unregister_queue") moves blk_trace_shutdown() from blk_release_queue() to blk_unregister_queue(), th | ||
| CVE-2023-54204 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, 1. the memory allocated in mmc_alloc_host() will be leaked 2. null-ptr-deref will happen wh | ||
| CVE-2023-54201 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destr | ||
| CVE-2023-54194 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmalloc_array due to system memory | ||
| CVE-2023-54189 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. |
- CVE-2023-54241Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 ("MIPS: Remove KVM_TE support") we get a NULL pointer dereference when creating a KVM guest: [ 146.243409] Starting KVM with MIPS
- CVE-2023-54240Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() rule_locs is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt need
- CVE-2023-54235Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was observed in testing: ODEBUG: free active (active state 0) object: 0000000097d23782 object type: work_struct hint: doe_statemachi
- CVE-2023-54230Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By us
- CVE-2023-54229Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register:
- CVE-2023-54227Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs
- CVE-2023-54225Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a c
- CVE-2023-54224Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to inser
- CVE-2023-54223Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDP_REDIRECT path, and then once again in
- CVE-2023-54221Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line
- CVE-2023-54220Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading
- CVE-2023-54219Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. ---------
- CVE-2023-54215Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs() Free the cpumask allocated by create_affinity_masks() before returning from the function.
- CVE-2023-54211Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix warning in trace_buffered_event_disable() Warning happened in trace_buffered_event_disable() at WARN_ON_ONCE(!trace_buffered_event_ref) Call Trace: ? __warn+0xa5/0x1b0 ? trace_buffered_e
- CVE-2023-54210Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() KASAN reports that there's a use-after-free in hci_remove_adv_monitor(). Trawling through the disassembly, you can see that the comp
- CVE-2023-54209Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b ("block: remove per-disk debugfs files in blk_unregister_queue") moves blk_trace_shutdown() from blk_release_queue() to blk_unregister_queue(), th
- CVE-2023-54204Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, 1. the memory allocated in mmc_alloc_host() will be leaked 2. null-ptr-deref will happen wh
- CVE-2023-54201Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destr
- CVE-2023-54194Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmalloc_array due to system memory
- CVE-2023-54189Dec 30, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
Page 17 of 105