VYPR

rpm package

opensuse/kernel-azure&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0

Vulnerabilities (643)

  • CVE-2025-71236Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature [154563.214890] nvme nvme2: NVME-FC{1}: controller connect complete [154564.169363] qla2xxx [0000:b0:00.1]-3

  • CVE-2025-71235Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. [105954.384919] RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 [105954.3

  • CVE-2025-71234Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in __sta_info_alloc().

  • CVE-2025-71233Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work co

  • CVE-2025-71232Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla2xxx [0000:27:00.0]-0042:0: Disabled MSI-X. [61110.467494] ======================

  • CVE-2025-71231Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empt

  • CVE-2025-71229Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() rtw_core_enable_beacon() reads 4 bytes from an address that is not a multiple of 4. This results in a crash on some systems. Do 1 byte reads/writes

  • CVE-2026-23216Feb 18, 2026
    affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() In iscsit_dec_conn_usage_count(), the function calls complete() while holding the conn->conn_usage_lock. As soon as complete() is invoked

  • CVE-2026-23215Feb 18, 2026
    affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1

    In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobbers Fedora QA reported the following panic: BUG: unable to handle page fault for address: 0000000040003e54 #PF: supervisor write access in kernel mode #PF: error_code(0x000

  • CVE-2026-23214Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only [BUG] There is a bug report where a heavily fuzzed fs is mounted with all rescue mount options, which leads to the following warnings during unmount:

  • CVE-2026-23213Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this wind

  • CVE-2025-71225Feb 18, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raid_disks via sysfs In raid1_reshape(), freeze_array() is called before modifying the r1bio memory pool (conf->r1bio_pool) and conf->raid_disks, and unfreeze_array() is called

  • CVE-2026-23210MedFeb 14, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi->rx_rings. The sequence was: 1. ice_ptp_prepare_for_reset

  • CVE-2026-23209HigFeb 14, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23207MedFeb 14, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() with the spinlock. Withou

  • CVE-2026-23204HigFeb 14, 2026
    affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro f

  • CVE-2026-23198HigFeb 14, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVM_IRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvm_arch_irq_bypass_del_producer() on x86

  • CVE-2026-23193HigFeb 14, 2026
    affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function calls complete() while holding the sess->session_usage_lock. Similar to the connecti

  • CVE-2026-23191HigFeb 14, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop

  • CVE-2026-23182Feb 14, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: spi: tegra: Fix a memory leak in tegra_slink_probe() In tegra_slink_probe(), when platform_get_irq() fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with

Page 3 of 33