rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-46100 | Hig | 7.8 | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmap_prepare() change Partially reverts commit 9d5403b1036c ("fs: convert most other generic_file_*mmap() users to .mmap_prepare()"). This is because the .mmap invocation establishes a refcount | |
| CVE-2026-46099 | Hig | 8.1 | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6_input_core() and rpl_input() call ip6_route_input() which sets a NOREF dst on the skb, then pass it to dst_cache_set_ip6() invoking dst_hold() uncondi | |
| CVE-2026-46098 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown `caif_connect()` can tear down an existing client after remote shutdown by calling `caif_disconnect_client()` followed by `caif_free_client()`. `caif_free_cli | ||
| CVE-2026-46097 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e ("Input: edt-ft5x06 - use per-client debugfs directory") removed the manual debugfs teardown, relying on the I2C core to handle | ||
| CVE-2026-46096 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() tpm2_read_public() calls tpm_buf_init() but fails to call tpm_buf_destroy() on two exit paths, leaking a page allocation: 1. When name_size() | ||
| CVE-2026-46095 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmap_state_machine() in both llbitmap_start_write() and llbitmap_start_discard(). This ensures t | ||
| CVE-2026-46094 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access The bounds check for the next xattr entry in check_xattrs() uses (void *)next >= end, which allows next to point within sizeof(u32) bytes | ||
| CVE-2026-46093 | Hig | 7.8 | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmap_purge_lock in shrinker decay_va_pool_node() can be invoked concurrently from two paths: __purge_vmap_area_lazy() when pools are being purged, and the shrinker via vmap_node_shrink_scan(). | |
| CVE-2026-46092 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pci_upstream_bridge() returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will c | ||
| CVE-2026-46091 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately. | ||
| CVE-2026-46090 | Hig | 7.8 | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopback_check_format() may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa6 | |
| CVE-2026-46089 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAGESIZE 65536 blkdiscard -p 4k /dev/zram0 takes literally forever to complete. | ||
| CVE-2026-46088 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() snd_ctl_elem_init_enum_names() advances pointer p through the names buffer while decrementing buf_len. If buf_len reaches zero | ||
| CVE-2026-46087 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start() Destroy the DAMON context and reset the global pointer when damon_start() fails. Otherwise, the context allocated by damon_stat_bui | ||
| CVE-2026-46086 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by `fdb_delete_local()`, which updates `f->dst` to another port or to `NULL` while keeping the entry alive. | ||
| CVE-2026-46085 | Hig | 7.5 | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARN_ON_ONCE() so that it | |
| CVE-2026-46084 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed (e.g. DPDK exit), mana_ib_destroy_qp_rss() destroys the RX WQ objects but does not disable vPort RX steering in firmware. This lea | ||
| CVE-2026-46083 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a device to avoid leaking any resources allocated by setup(). | ||
| CVE-2026-46082 | — | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inject #UD when EFER.SVME=0. [sean: tag for stable@] | ||
| CVE-2026-46081 | Hig | 7.8 | < 7.0.11-1.1 | 7.0.11-1.1 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - fix wrong pointer stored by acomp_save_req() acomp_save_req() stores &req->chain in req->base.data. When acomp_reqchain_done() is invoked on asynchronous completion, it receives &req->chain as t |
- affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmap_prepare() change Partially reverts commit 9d5403b1036c ("fs: convert most other generic_file_*mmap() users to .mmap_prepare()"). This is because the .mmap invocation establishes a refcount
- affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6_input_core() and rpl_input() call ip6_route_input() which sets a NOREF dst on the skb, then pass it to dst_cache_set_ip6() invoking dst_hold() uncondi
- CVE-2026-46098May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown `caif_connect()` can tear down an existing client after remote shutdown by calling `caif_disconnect_client()` followed by `caif_free_client()`. `caif_free_cli
- CVE-2026-46097May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e ("Input: edt-ft5x06 - use per-client debugfs directory") removed the manual debugfs teardown, relying on the I2C core to handle
- CVE-2026-46096May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() tpm2_read_public() calls tpm_buf_init() but fails to call tpm_buf_destroy() on two exit paths, leaking a page allocation: 1. When name_size()
- CVE-2026-46095May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmap_state_machine() in both llbitmap_start_write() and llbitmap_start_discard(). This ensures t
- CVE-2026-46094May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access The bounds check for the next xattr entry in check_xattrs() uses (void *)next >= end, which allows next to point within sizeof(u32) bytes
- affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmap_purge_lock in shrinker decay_va_pool_node() can be invoked concurrently from two paths: __purge_vmap_area_lazy() when pools are being purged, and the shrinker via vmap_node_shrink_scan().
- CVE-2026-46092May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pci_upstream_bridge() returns NULL if the device is on a root bus. If 8821CE is installed in the system with such a PCI topology, the probing routine will c
- CVE-2026-46091May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately.
- affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopback_check_format() may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa6
- CVE-2026-46089May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAGESIZE 65536 blkdiscard -p 4k /dev/zram0 takes literally forever to complete.
- CVE-2026-46088May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() snd_ctl_elem_init_enum_names() advances pointer p through the names buffer while decrementing buf_len. If buf_len reaches zero
- CVE-2026-46087May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start() Destroy the DAMON context and reset the global pointer when damon_start() fails. Otherwise, the context allocated by damon_stat_bui
- CVE-2026-46086May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by `fdb_delete_local()`, which updates `f->dst` to another port or to `NULL` while keeping the entry alive.
- affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARN_ON_ONCE() so that it
- CVE-2026-46084May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed (e.g. DPDK exit), mana_ib_destroy_qp_rss() destroys the RX WQ objects but does not disable vPort RX steering in firmware. This lea
- CVE-2026-46083May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a device to avoid leaking any resources allocated by setup().
- CVE-2026-46082May 27, 2026affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inject #UD when EFER.SVME=0. [sean: tag for stable@]
- affected < 7.0.11-1.1fixed 7.0.11-1.1
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - fix wrong pointer stored by acomp_save_req() acomp_save_req() stores &req->chain in req->base.data. When acomp_reqchain_done() is invoked on asynchronous completion, it receives &req->chain as t
Page 11 of 72