VYPR

rpm package

opensuse/kernel-kvmsmall&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6

Vulnerabilities (4,148)

  • CVE-2026-23269 | Hig | Mar 18, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes into the DFA state tables. The aa_dfa_next() function call in unpack_pdb() will acce

  • CVE-2026-23268 | Hig | Mar 18, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by

  • CVE-2025-71231 | Feb 18, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empt

  • CVE-2026-23214 | Feb 18, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only [BUG] There is a bug report where a heavily fuzzed fs is mounted with all rescue mount options, which leads to the following warnings during unmount:

  • CVE-2026-23209 | Hig | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23207 | Med | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() with the spinlock. Withou

  • CVE-2026-23204 | Hig | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro f

  • CVE-2026-23191 | Hig | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop

  • CVE-2026-23202 | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress. When clearing curr_xfer in th

  • CVE-2026-23157 | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of balance_dirty_pages(), caus

  • CVE-2026-23141 | Feb 14, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inli

  • CVE-2026-23111 | Hig | Feb 13, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()

  • CVE-2026-23074 | Hig | Feb 4, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc

  • CVE-2026-23054 | Feb 4, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndis_filter_device_add() do

  • CVE-2026-23089 | Feb 4, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() When snd_usb_create_mixer() fails, snd_usb_mixer_free() frees mixer->id_elems but the controls already added to the card still reference the freed mem

  • CVE-2026-23060 | Feb 4, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, crypto_authenc_esn_decrypt()

  • CVE-2026-23010 | Hig | Jan 25, 2026
    affected < 6.4.0-150600.23.87.1, fixed 6.4.0-150600.23.87.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of inet6_ifaddr in inet6_addr_del(). [0] The cited commit accidentally moved ipv6_del_addr() for mngtmpaddr before reading its ifp->

  • CVE-2026-23004 | Hig | Jan 25, 2026
    affected < 6.4.0-150600.23.92.1, fixed 6.4.0-150600.23.92.1

    In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() syzbot was able to crash the kernel in rt6_uncached_list_flush_dev() in an interesting way [1] Crash happens in list_del_init()/INIT_LIST_HE

  • CVE-2026-23001 | Hig | Jan 25, 2026
    affected < 6.4.0-150600.23.87.1, fixed 6.4.0-150600.23.87.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan_hash_del_source() is called, we must clear entry->vlan pointer before RCU grace

  • CVE-2026-22999 | Hig | Jan 25, 2026
    affected < 6.4.0-150600.23.87.1, fixed 6.4.0-150600.23.87.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.

Page 1 of 208