VYPR

rpm package

suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7

pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Vulnerabilities (2,100)

  • CVE-2025-37929May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays Commit a5951389e58d ("arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists") added some additional CPUs to the Spectre-BHB

  • CVE-2025-37928May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: dm-bufio: don't schedule in atomic context A BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and try_verify_in_tasklet are enabled. [ 129.444685][ T934] BUG: sleeping function called from invalid con

  • CVE-2025-37927May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIID_LEN against a total string length doesn

  • CVE-2025-37923May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in trace_seq_to_buffer() syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/tr

  • CVE-2025-37921May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote (assuming one was configured) is dele

  • CVE-2025-37920May 20, 2025
    affected < 6.4.0-150700.7.13.1fixed 6.4.0-150700.7.13.1

    In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AF_XDP generic RX path Move rx_lock from xsk_socket to xsk_buff_pool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xsk_buff_pool. R

  • CVE-2025-37918May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() A NULL pointer dereference can occur in skb_dequeue() when processing a QCA firmware crash dump on WCN7851 (0489:e0f3). [ 93.672166] Bluetooth:

  • CVE-2025-37917May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver to avoid spinlock recursio

  • CVE-2025-37916May 20, 2025
    affected < 6.4.0-150700.7.25.1fixed 6.4.0-150700.7.25.1

    In the Linux kernel, the following vulnerability has been resolved: pds_core: remove write-after-free of client_id A use-after-free error popped up in stress testing: [Mon Apr 21 21:21:33 2025] BUG: KFENCE: use-after-free write in pdsc_auxbus_dev_del+0xef/0x160 [pds_core] [Mon

  • CVE-2025-37915May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant

  • CVE-2025-37914May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant

  • CVE-2025-37913May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant

  • CVE-2025-37912May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() As mentioned in the commit baeb705fd6a7 ("ice: always check VF VSI pointer values"), we need to perform a null pointer check on the return value of ice_

  • CVE-2025-37911May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix out-of-bound memcpy() during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [

  • CVE-2025-37909May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to

  • CVE-2025-37905May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Balance device refcount when destroying devices Using device_find_child() to lookup the proper SCMI device to destroy causes an unbalance in device refcount, since device_find_child() calls

  • CVE-2025-37903May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector objects without incrementing the kref reference counts. When using a USB-C dock, and the

  • CVE-2025-37901May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs On Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not have a corresponding MPM pin and should not be handled inside the M

  • CVE-2025-37900May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommu_copy_struct_from_user() In the review for iommu_copy_struct_to_user() helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it: https://lore.kerne

  • CVE-2025-37897May 20, 2025
    affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release plfxlc_mac_release() asserts that mac->lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour

Page 90 of 105