rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54125 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return | ||
| CVE-2023-54121 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add | ||
| CVE-2023-54117 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly | ||
| CVE-2023-54115 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing | ||
| CVE-2023-54113 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invo | ||
| CVE-2023-54112 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 429 | ||
| CVE-2023-54106 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th | ||
| CVE-2023-54104 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS el | ||
| CVE-2023-54101 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to | ||
| CVE-2023-54099 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. Howe | ||
| CVE-2023-54096 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, res | ||
| CVE-2023-54095 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this ca | ||
| CVE-2023-54094 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: [ 62.624003] BUG: kernel NULL pointer dereference, addres | ||
| CVE-2023-54093 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious d | ||
| CVE-2023-54092 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should als | ||
| CVE-2023-54091 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected | ||
| CVE-2023-54089 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------[ cut here ]------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 s | ||
| CVE-2023-54088 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) c | ||
| CVE-2023-54083 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy th | ||
| CVE-2023-54081 | — | < 6.4.0-150700.7.28.1 | 6.4.0-150700.7.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols ex |
- CVE-2023-54125Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return
- CVE-2023-54121Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add
- CVE-2023-54117Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly
- CVE-2023-54115Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing
- CVE-2023-54113Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invo
- CVE-2023-54112Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 429
- CVE-2023-54106Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th
- CVE-2023-54104Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS el
- CVE-2023-54101Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to
- CVE-2023-54099Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. Howe
- CVE-2023-54096Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, res
- CVE-2023-54095Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this ca
- CVE-2023-54094Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: [ 62.624003] BUG: kernel NULL pointer dereference, addres
- CVE-2023-54093Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious d
- CVE-2023-54092Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should als
- CVE-2023-54091Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected
- CVE-2023-54089Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------[ cut here ]------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 s
- CVE-2023-54088Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) c
- CVE-2023-54083Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy th
- CVE-2023-54081Dec 24, 2025affected < 6.4.0-150700.7.28.1fixed 6.4.0-150700.7.28.1
In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols ex
Page 20 of 105