VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2026-31589CriApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm: call ->free_folio() directly in folio_unmap_invalidate() We can only call filemap_free_folio() if we have a reference to (or hold a lock on) the mapping. Otherwise, we've already removed the folio from the

  • CVE-2026-31588HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use scratch field in MMIO fragment to hold small write values When exiting to userspace to service an emulated MMIO write, copy the to-be-written value to a scratch field in the MMIO fragment if the s

  • CVE-2026-31587HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm: move component registration to unmanaged version q6apm component registers dais dynamically from ASoC toplology, which are allocated using device managed version apis. Allocating both compone

  • CVE-2026-31586HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() cgwb_release_workfn() calls css_put(wb->blkcg_css) and then later accesses wb->blkcg_css again via blkcg_unpin_online(). If css_put() drops the last

  • CVE-2026-31585MedApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix nfeeds state corruption on start_streaming failure syzbot reported a memory leak in vidtv_psi_service_desc_init [1]. When vidtv_start_streaming() fails inside vidtv_start_feed(), the nfeeds c

  • CVE-2026-31584HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fops_vcodec_release() function frees the context structure (ctx) without first cancelling any pending or running work in ctx->encode_work.

  • CVE-2026-31583HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xx_v4l2_open() em28xx_v4l2_open() reads dev->v4l2 without holding dev->lock, creating a race with em28xx_v4l2_init()'s error path and em28xx_v4l2_fini(), both of which f

  • CVE-2026-31582HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fix use-after-free on USB disconnect After powerz_disconnect() frees the URB and releases the mutex, a subsequent powerz_read() call can acquire the mutex and call powerz_read_data(), which dere

  • CVE-2026-31581HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6fire_chip_abort(), the chip struct is allocated as the card's private data (via snd_card_new with sizeof(struct sfire_chip)). When snd_card_free_when_closed

  • CVE-2026-31580HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: bcache: fix cached_dev.sb_bio use-after-free and crash In our production environment, we have received multiple crash reports regarding libceph, which have caught our attention: ``` [6888366.280350] Call Trace

  • CVE-2026-31579MedApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit wg_netns_pre_exit() manually acquires rtnl_lock() inside the pernet .pre_exit callback. This causes a hung task when another th

  • CVE-2026-31578HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: as102: fix to not free memory after the device is registered in as102_usb_probe() In as102_usb driver, the following race condition occurs: ``` CPU0 CPU1 as102_usb_probe() kzalloc(); // alloc as

  • CVE-2026-31577MedApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map The DAT inode's btree node cache (i_assoc_inode) is initialized lazily during btree operations. However, nilfs_mdt_save_to_shadow_map()

  • CVE-2026-31576HigApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrf_probe() In hackrf driver, the following race condition occurs: ``` CPU0 CPU1 hackrf_probe() kzalloc(); // alloc hackrf_dev

  • CVE-2026-31575MedApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfill_atomic_hugetlb(), linear_page_index() is used to calculate the page index for hugetlb_fault_mutex_hash(). However, linear_page_index() returns

  • CVE-2026-31574MedApr 24, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the next_event_forced flag The prevention mechanism against timer interrupt starvation missed to reset the next_event_forced flag in a couple of places: - When the clock

  • CVE-2026-31532HigApr 23, 2026
    affected < 7.0.3-1.1fixed 7.0.3-1.1

    In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but receiver deletion is deferred with call_rcu(). This leaves a window where raw_rc

  • CVE-2026-23240CriMar 10, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tls_sw_cancel_work_tx() This issue was discovered during a code audit. After cancel_delayed_work_sync() is called from tls_sk_proto_close(), tx_work_handler() can still be scheduled

  • CVE-2026-23239HigMar 10, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: espintcp: Fix race condition in espintcp_close() This issue was discovered during a code audit. After cancel_work_sync() is called from espintcp_close(), espintcp_tx_work() can still be scheduled from paths su

  • CVE-2026-23236HigMar 4, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause

Page 22 of 72