rpm package

opensuse/kernel-azure&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0

Vulnerabilities (643)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2026-23139	Hig	7.5	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. Wit
CVE-2026-23136	Hig	7.5	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply
CVE-2026-23173		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers a
CVE-2026-23170		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.
CVE-2026-23167		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device() was call
CVE-2026-23166		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes during resume from suspend when rings[q_idx]->q_vector is NULL. Tested adapt
CVE-2026-23163		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On APUs such as Raven and Renoir (GC 9.1.0, 9.2.2, 9.3.0), the ih1 and ih2 interrupt ring buffers are not initialized. This is by desi
CVE-2026-23158		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guard(mutex) to protect the device structure. However, the device is freed before the guard cleanup runs, causing mu
CVE-2026-23157		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of balance_dirty_pages(), caus
CVE-2026-23156		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory b
CVE-2026-23154		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKB_GSO_DODGY flag for frag_list GSO packets, addressing low throughput issues observed when a
CVE-2026-23152		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped.
CVE-2026-23150		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various memory leaks related to NFC, struct nfc_llcp_sock, sk_buff, nfc_dev, etc. [0] The leading log hinted that nfc_llcp_send_ui_frame() fa
CVE-2026-23146		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_proto() sets HCI_UART_PROTO_INIT before calling hci_uart_register_dev(), which calls proto->open() to initialize hu->priv. However, if
CVE-2026-23145		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refcount for iloc.bh. Find this when review code.
CVE-2026-23144		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. A
CVE-2026-23142		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern
CVE-2026-23141		—	< 6.12.0-160000.27.1	6.12.0-160000.27.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inli
CVE-2026-23140		—	< 6.12.0-160000.28.1	6.12.0-160000.28.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_frame structure takes up part of the XDP frame headroom, limiting the size of the metadata. However, in bpf_test_run, we don't take t
CVE-2026-23138		—	< 6.12.0-160000.28.1	6.12.0-160000.28.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace cod

CVE-2026-23139HigFeb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. Wit
CVE-2026-23136HigFeb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply
CVE-2026-23173Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers a
CVE-2026-23170Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.
CVE-2026-23167Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device() was call
CVE-2026-23166Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes during resume from suspend when rings[q_idx]->q_vector is NULL. Tested adapt
CVE-2026-23163Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On APUs such as Raven and Renoir (GC 9.1.0, 9.2.2, 9.3.0), the ih1 and ih2 interrupt ring buffers are not initialized. This is by desi
CVE-2026-23158Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guard(mutex) to protect the device structure. However, the device is freed before the guard cleanup runs, causing mu
CVE-2026-23157Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of balance_dirty_pages(), caus
CVE-2026-23156Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory b
CVE-2026-23154Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKB_GSO_DODGY flag for frag_list GSO packets, addressing low throughput issues observed when a
CVE-2026-23152Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped.
CVE-2026-23150Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various memory leaks related to NFC, struct nfc_llcp_sock, sk_buff, nfc_dev, etc. [0] The leading log hinted that nfc_llcp_send_ui_frame() fa
CVE-2026-23146Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_proto() sets HCI_UART_PROTO_INIT before calling hci_uart_register_dev(), which calls proto->open() to initialize hu->priv. However, if
CVE-2026-23145Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refcount for iloc.bh. Find this when review code.
CVE-2026-23144Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. A
CVE-2026-23142Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup fails after setup of access_pattern/ directory, subdirectories of access_pattern
CVE-2026-23141Feb 14, 2026
affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inli
CVE-2026-23140Feb 14, 2026
affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1
In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_frame structure takes up part of the XDP frame headroom, limiting the size of the metadata. However, in bpf_test_run, we don't take t
CVE-2026-23138Feb 14, 2026
affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace cod

Page 5 of 33