VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2026-46309Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise Add validation in xe_vm_madvise_ioctl() to reject PAT indices with XE_COH_NONE coherency mode when applied to CPU cached memory. Using co

  • CVE-2026-46308Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsys_get_bus_protection_legacy() In scpsys_get_bus_protection_legacy(), of_find_node_with_property() returns a device node with its reference count incremented. The f

  • CVE-2026-46307HigJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: > The ath5k driver seems to do an array-index-out-of-bounds access as > shown by the UBSAN kernel message: > UBSAN: array-index-out-of-bounds in drivers/net

  • CVE-2026-46306HigJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: flow_dissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression (PFC) is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE session

  • CVE-2026-46305Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc The return value of kzalloc_flex() is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditio

  • CVE-2026-46304HigJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free nvmet_tcp_release_queue_work() runs on nvmet-wq and can drop the final controller reference through nvmet_cq_put(). If that triggers nvmet_ctrl_free(), t

  • CVE-2026-46303HigJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE record and passes it to sb_bread() without checking that the block num

  • CVE-2026-46302Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kerne

  • CVE-2026-46301Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind

  • CVE-2026-46299HigJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus_fill_super() hfsplus_fill_super() calls hfs_find_init() to initialize a search structure, which acquires tree->tree_lock. If the subsequent call to hfsplus_cat_build_key(

  • CVE-2026-46298Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing ->ioctl handler or ->release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these

  • CVE-2026-46297Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: libwx: use request_irq for VF misc interrupt Currently, request_threaded_irq() is used with a primary handler but a NULL threaded handler, while also setting the IRQF_ONESHOT flag. This specific combinatio

  • CVE-2026-46296Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe() back to s3c64xx_spi_prepare_transfer() failed to remove the corresponding deallocation from remove(). Drop the

  • CVE-2026-46295Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty Fall back to apic_find_highest_vector() when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt fr

  • CVE-2026-46294Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson (using Claude) found a buffer overflow in dm-ioctl in the function retrieve_status: 1. The code in retrieve_status checks that the output string fits

  • CVE-2026-46293Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space i

  • CVE-2026-46292Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpd_dev_pm_attach_by_id(), genpd calls pm_runtime_enable() for the corresponding virtual device

  • CVE-2026-46291Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hash_digest_key Use print_hex_dump_devel() for dumping sensitive HMAC key bytes in hash_digest_key() to avoid leaking secrets at runtime when CONFIG_DYNAMIC_DEBUG is e

  • CVE-2026-46290Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 ("x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs"), kernel_fpu_begin() calls f

  • CVE-2026-46289CriJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec_to_sg Patch series "Fix bugs in extract_iter_to_sg()", v3. Fix bugs in the kvec and user variants of extract_iter_to_sg. This series is growing due to

Page 2 of 72