rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP7
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7
Vulnerabilities (2,100)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-37751 | — | < 6.4.0-150700.7.31.1 | 6.4.0-150700.7.31.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode was removed during the switch from x86_cpu_desc to x86_cpu_id. This causes readers to ru | ||
| CVE-2025-37750 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 ("smb: client: allocate crypto only for primary server") and commit b0abcd65ec54 ("smb: client: fix UAF in async decryption"), the | ||
| CVE-2025-37749 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing s | ||
| CVE-2025-37748 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group Currently, mtk_iommu calls during probe iommu_device_register before the hw_list from driver data is initialized. Since iommu probing issue f | ||
| CVE-2025-37747 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf: Fix hang while freeing sigtrap event Perf can hang while freeing a sigtrap event if a related deferred signal hadn't managed to be sent before the file got closed: perf_event_overflow() task_work_add( | ||
| CVE-2025-37744 | — | < 6.4.0-150700.7.31.1 | 6.4.0-150700.7.31.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_pci_remove() Kmemleak reported this error: unreferenced object 0xffff1c165cec3060 (size 32): comm "insmod", pid 560, jiffies 4296964570 (age 235.596s) backtrac | ||
| CVE-2025-37743 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid memory leak while enabling statistics Driver uses monitor destination rings for extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the bu | ||
| CVE-2025-37742 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount() function syzbot reports that hex_dump_to_buffer is using uninit-value: ===================================================== BUG: KMSAN: uninit-v | ||
| CVE-2025-37741 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. [1] When calling "ioctl$LOOP_SET_STATUS64", the offset value passed in is 4, which does not match the mounted loop | ||
| CVE-2025-37740 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth | ||
| CVE-2025-37738 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: =================================== | ||
| CVE-2025-23163 | — | < 6.4.0-150700.7.13.1 | 6.4.0-150700.7.13.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================ [ 1.211571] WARNING: possible re | ||
| CVE-2025-23162 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Don't try to trigger a full GT reset if VF VFs don't have access to the GDRST(0x941c) register that driver uses to reset a GT. Attempt to trigger a reset using debugfs: $ cat /sys/kernel/debug/dri/ | ||
| CVE-2025-23161 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interru | ||
| CVE-2025-23159 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr->buf_size is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer | ||
| CVE-2025-23158 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, | ||
| CVE-2025-23157 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: add check to avoid out of bound access There is a possibility that init_codecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecs_count c | ||
| CVE-2025-23156 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in total payload, while data points to payload of various property within it. When words_count reaches last wo | ||
| CVE-2025-23155 | — | < 6.4.0-150700.7.8.1 | 6.4.0-150700.7.8.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hi | ||
| CVE-2025-23154 | — | < 6.4.0-150700.7.3.1 | 6.4.0-150700.7.3.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix io_req_post_cqe abuse by send bundle [ 114.987980][ T5313] WARNING: CPU: 6 PID: 5313 at io_uring/io_uring.c:872 io_req_post_cqe+0x12e/0x4f0 [ 114.991597][ T5313] RIP: 0010:io_req_post_cqe+0x |
- CVE-2025-37751May 1, 2025affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1
In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode was removed during the switch from x86_cpu_desc to x86_cpu_id. This causes readers to ru
- CVE-2025-37750May 1, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 ("smb: client: allocate crypto only for primary server") and commit b0abcd65ec54 ("smb: client: fix UAF in async decryption"), the
- CVE-2025-37749May 1, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing s
- CVE-2025-37748May 1, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group Currently, mtk_iommu calls during probe iommu_device_register before the hw_list from driver data is initialized. Since iommu probing issue f
- CVE-2025-37747May 1, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: perf: Fix hang while freeing sigtrap event Perf can hang while freeing a sigtrap event if a related deferred signal hadn't managed to be sent before the file got closed: perf_event_overflow() task_work_add(
- CVE-2025-37744May 1, 2025affected < 6.4.0-150700.7.31.1fixed 6.4.0-150700.7.31.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_pci_remove() Kmemleak reported this error: unreferenced object 0xffff1c165cec3060 (size 32): comm "insmod", pid 560, jiffies 4296964570 (age 235.596s) backtrac
- CVE-2025-37743May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid memory leak while enabling statistics Driver uses monitor destination rings for extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the bu
- CVE-2025-37742May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount() function syzbot reports that hex_dump_to_buffer is using uninit-value: ===================================================== BUG: KMSAN: uninit-v
- CVE-2025-37741May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. [1] When calling "ioctl$LOOP_SET_STATUS64", the offset value passed in is 4, which does not match the mounted loop
- CVE-2025-37740May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth
- CVE-2025-37738May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================
- CVE-2025-23163May 1, 2025affected < 6.4.0-150700.7.13.1fixed 6.4.0-150700.7.13.1
In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================ [ 1.211571] WARNING: possible re
- CVE-2025-23162May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Don't try to trigger a full GT reset if VF VFs don't have access to the GDRST(0x941c) register that driver uses to reset a GT. Attempt to trigger a reset using debugfs: $ cat /sys/kernel/debug/dri/
- CVE-2025-23161May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interru
- CVE-2025-23159May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr->buf_size is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer
- CVE-2025-23158May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation,
- CVE-2025-23157May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: add check to avoid out of bound access There is a possibility that init_codecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecs_count c
- CVE-2025-23156May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in total payload, while data points to payload of various property within it. When words_count reaches last wo
- CVE-2025-23155May 1, 2025affected < 6.4.0-150700.7.8.1fixed 6.4.0-150700.7.8.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hi
- CVE-2025-23154May 1, 2025affected < 6.4.0-150700.7.3.1fixed 6.4.0-150700.7.3.1
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix io_req_post_cqe abuse by send bundle [ 114.987980][ T5313] WARNING: CPU: 6 PID: 5313 at io_uring/io_uring.c:872 io_req_post_cqe+0x12e/0x4f0 [ 114.991597][ T5313] RIP: 0010:io_req_post_cqe+0x
Page 96 of 105