VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2026-46060MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adf_dev_up() partially completes and then fails, the IRQ handlers registered during adf_isr_resource_alloc() are not detached before the MSI-X vectors ar

  • CVE-2026-46059MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the cur

  • CVE-2026-46058HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: amphion: Fix race between m2m job_abort and device_run Fix kernel panic caused by race condition where v4l2_m2m_ctx_release() frees m2m_ctx while v4l2_m2m_try_run() is about to call device_run with the s

  • CVE-2026-46057LowMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork() hook_cred_transfer() only copies the Landlock security blob when the source credential has a domain. This is inconsistent with landlock_restrict_self(

  • CVE-2026-46056HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers hci_conn lookup and field access must be covered by hdev lock in hci_user_passkey_notify_evt() and hci_keypress_notify_evt(), otherwise the connec

  • CVE-2026-46055HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aa_dfa_

  • CVE-2026-46054HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap() and mprotect() access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file (the "user" file) and the

  • CVE-2026-46053HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error __rds_rdma_map() hands sg/pages ownership to the transport after get_mr() succeeds. If copying the generated cookie back to user space fails after that point, the error pa

  • CVE-2026-46052HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: only d_add() negative dentries when they are unhashed Ceph can call d_add(dentry, NULL) on a negative dentry that is already present in the primary dcache hash. In the current VFS that is not safe. d_ad

  • CVE-2026-46051MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retry_aligned_read() When retry_aligned_read() encounters an overlapped stripe, it releases the stripe via raid5_release_stripe() which puts it on the lockless released_stripes llis

  • CVE-2026-46050MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix deadlock with check operation and nowait requests When an array check is running it will raise the barrier at which point normal requests will become blocked and increment the nr_pending value to

  • CVE-2026-46049MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdif_passthru_playback_get_resources() uses atc->pll_rate as the RSR for the MSR calculation loop. However, pll_rate is only updated in atc_pll_init() and no

  • CVE-2026-46048MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usb_dev refcount leak on probe failure create_card() takes a reference on the USB device with usb_get_dev() and stores the matching usb_put_dev() in card_free(), which is installed as the snd_c

  • CVE-2026-46047HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove() In the remove callback, if a packet arrives after destroy_workqueue() is called, but before sock_release(), the qrtr_ns_data_ready() callback will try to que

  • CVE-2026-46046MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() The commit c8e008b60492 ("ext4: ignore xattrs past end") introduced a refcount leak in when block_csum is false. ext4_xattr_inode_dec_ref_all() call

  • CVE-2026-46045HigMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: skip reading rdevs that are not in_sync When reading bitmap pages from member disks, the code iterates through all rdevs and attempts to read from the first available one. However, it only check

  • CVE-2026-46044MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthre

  • CVE-2026-46043CriMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv rxe_rcv() currently checks only that the incoming packet is at least header_size(pkt) bytes long before payload_size() is used. However, payload

  • CVE-2026-46042MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leaks in weighted_interleave_auto_store() weighted_interleave_auto_store() fetches old_wi_state inside the if (!input) block only. This causes two memory leaks: 1. When a user writes

  • CVE-2026-46041MedMay 27, 2026
    affected < 7.0.11-1.1fixed 7.0.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames() hdlc_append() calls usleep_range() to wait for circular buffer space, but it is called with tx_producer_lock (a spinlock) held via hdlc_tx

Page 13 of 72