VYPR

rpm package

opensuse/kernel-azure&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0

Vulnerabilities (643)

  • CVE-2026-23078Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2_usb_get_config() function has a logic error in the endianness conversion code that can cause buffer overflows when count > 1. The code che

  • CVE-2026-23076Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks (amixer_i

  • CVE-2026-23073Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct ieee80211_vif contains trailing space for vif driver data, when struct ieee80211_vif is allocated, the total memory size that is a

  • CVE-2026-23072Feb 4, 2026
    affected < 6.12.0-160000.28.1fixed 6.12.0-160000.28.1

    In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tp_udp_encap_recv(). syzbot reported memleak of struct l2tp_session, l2tp_tunnel, sock, etc. [0] The cited commit moved down the validation of the protocol version in l2tp_udp_encap_recv

  • CVE-2026-23071Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: regmap: Fix race condition in hwspinlock irqsave routine Previously, the address of the shared member '&map->spinlock_flags' was passed directly to 'hwspin_lock_timeout_irqsave'. This creates a race condition w

  • CVE-2026-23070Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in shared firmware structure which kernel access via MAC block(CGX/RPM). Accessing

  • CVE-2026-23069Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtio_transport_get_credit() The credit calculation in virtio_transport_get_credit() uses unsigned arithmetic: ret = vvs->peer_buf_alloc - (vvs->tx_cnt - vvs->peer_f

  • CVE-2026-23068Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spi_alloc_host() to allocate the controller but registers it using devm_spi_register_controller(). If devm_register_restart_hand

  • CVE-2026-23065Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrf_record() The tmp buffer is allocated using kcalloc() but is not freed if acpi_evaluate_dsm() fails. This causes a memory leak in the error path. Fix this by explicitly

  • CVE-2026-23064Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ife: avoid possible NULL deref tcf_ife_encode() must make sure ife_encode() does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc000

  • CVE-2026-23063Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling `put_queue` carries risks since it cannot guarantee that resources of `uacce_queue` have been fully released beforehand. So adding a `stop

  • CVE-2026-23062Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro The GET_INSTANCE_ID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used '<=' inste

  • CVE-2026-23061Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"). In kvaser_usb_set_{

  • CVE-2026-23060Feb 4, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, crypto_authenc_esn_decrypt()

  • CVE-2026-23038Jan 31, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails, the function jumps to the out_scratch label without freeing the alread

  • CVE-2026-23037Jan 31, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to succeed When es58x_alloc_rx_urbs() fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58x

  • CVE-2026-23035Jan 31, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails. Pass netdev to mlx5e_destroy_netdev() to guarantee it will w

  • CVE-2026-23033Jan 31, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in error paths The dma_pool created by dma_pool_create() is not destroyed when dma_async_device_register() or of_dma_controller_register() fails, causing a resour

  • CVE-2026-23031Jan 31, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. In the complete callback g

  • CVE-2026-23030Jan 31, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The for_each_available_child_of_node() calls of_node_put() to release child_np in each success loop. After breaking from the loop with

Page 9 of 33