VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2026-46120HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ip6_gre: Use cached t->net in ip6erspan_changelink(). After commit 5e72ce3e3980 ("net: ipv6: Use link netns in newlink() of rtnl_link_ops"), ip6erspan_newlink() correctly resolves the per-netns ip6gre hash via

  • CVE-2026-46119CriMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY contains a positive value in its result field, it is treated as an error code b

  • CVE-2026-46118May 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle() commit 6d3789d347a7 ("papr-hvpipe: convert papr_hvpipe_dev_create_handle() to FD_PREPARE()"), changed the create handle to FD_PREPARE()

  • CVE-2026-46117HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARN_ON() then go on

  • CVE-2026-46116HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete KASAN reproduces a slab-use-after-free in __xfrm_state_delete()'s hlist_del_rcu calls under syzkaller load on linux-6.12.y stable (reproduced on

  • CVE-2026-46115CriMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used by the request merge, DMA mapping, and integrity merge paths to decide if two physically contiguous bvec segments can be coalesced

  • CVE-2026-46114HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads atomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c unconditionally dereferences 8 bytes at payload_addr(pkt): value = *(u64 *)payload_addr(pkt);

  • CVE-2026-46113HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index. This assumption breaks for shadow paging if the guest pag

  • CVE-2026-46112HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hns_roce_qp_remove() Sashiko points out that hns_roce_qp_remove() requires the caller to hold locks. The error flow in hns_roce_create_qp_common() doesn't hold those locks for th

  • CVE-2026-46111HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync Add hci_conn_valid() check in create_big_sync() to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in crea

  • CVE-2026-46110HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to th

  • CVE-2026-46109May 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpi_register() error paths Commit 01af542392b5 ("usb: ulpi: fix double free in ulpi_register_interface() error path") removed kfree(ulpi) from ulpi_register_interface() to fix a d

  • CVE-2026-46108May 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state.

  • CVE-2026-46107HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalance_children. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to

  • CVE-2026-46106May 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfs_mutex and SRCU when remount walks events Commit 340f0c7067a9 ("eventfs: Update all the eventfs_inodes from the events descriptor") had eventfs_set_attrs() recurse through ei->children on r

  • CVE-2026-46105HigMay 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, acco

  • CVE-2026-46104May 28, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sock_has_perm() and nlmsg_sock_has_extended_perms() currently dereference sk->sk_security

  • CVE-2026-46103May 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory

  • CVE-2026-46102HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skb_head leak in strp_abort_strp() When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp->sk

  • CVE-2026-46101May 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nft_bitwise Reject zero shift operands for nft_bitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 3

Page 10 of 72