VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2026-43491May 19, 2026
    affected < 7.0.10-1.1fixed 7.0.10-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER messages and exhaust memory. F

  • CVE-2026-46333HigMay 15, 2026
    affected < 7.0.9-1.1fixed 7.0.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when y

  • CVE-2026-43490HigMay 15, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, bu

  • CVE-2026-43500HigMay 11, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before

  • CVE-2026-43350HigMay 8, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parse_dacl() treats an ACE SID matching sid_unix_NFS_mode as an NFS mode SID and reads sid.sub_auth[2] to recover the mode bits. That assumes t

  • CVE-2026-43349MedMay 8, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fs_sanity_check_node_footer+0x374/0xa20 fs/f2fs/node.c:1520 f2fs_sani

  • CVE-2026-43348MedMay 8, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER When registering VTL0 memory via MSHV_ADD_VTL0_MEMORY, the kernel computes pgmap->vmemmap_shift as the number of trailing zeros in the OR of start_pfn and l

  • CVE-2026-43284HigMay 8, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths th

  • CVE-2026-43073MedMay 5, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named '__copy_user_nocache()' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally _neit

  • CVE-2026-43072MedMay 5, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platform_get_irq_byname() returns an int platform_get_irq_byname() will return a negative value if an error happens, so it should be checked and not just passed directly into devm_request_threaded_irq(

  • CVE-2026-43071CriMay 5, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentry_hashtable when user sets 'dhash_entries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 #PF: super

  • CVE-2026-43058MedMay 2, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their argument structs by value, causing MSAN to report uninit-value warnings. While o

  • CVE-2026-31719HigMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5enc_dispatch_decrypt() sets req->base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher comple

  • CVE-2026-31718CriMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger When a durable file handle survives session disconnect (TCP close without SMB2_LOGOFF), session_fd_check() sets fp->conn = NULL to preserve

  • CVE-2026-31717HigMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any aut

  • CVE-2026-31716HigMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec->used in journal-replay file record check check_file_record() validates rec->total against the record size but never validates rec->used. The do_action() journal-replay handlers read rec

  • CVE-2026-31715HigMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io() The xfstests case "generic/107" and syzbot have both reported a NULL pointer dereference. The concurrent scenario that triggers the p

  • CVE-2026-31714MedMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fs_rename() syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 (size 16): comm "syz.0.23", pid 6144, jiffies 4294943712 hex dum

  • CVE-2026-31713MedMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason (error, crash) while processing FUSE_INIT, the filesystem creation will hang. The reason is that while a

  • CVE-2026-31712HigMay 1, 2026
    affected < 7.0.7-1.1fixed 7.0.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smb_check_perm_dacl() Both ACE-walk loops in smb_check_perm_dacl() only guard against an under-sized remaining buffer, not against an ACE whose declared `ace->size` is smaller

Page 18 of 72