VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2025-71234Feb 18, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in __sta_info_alloc().

  • CVE-2025-71233Feb 18, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work co

  • CVE-2025-71232Feb 18, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla2xxx [0000:27:00.0]-0042:0: Disabled MSI-X. [61110.467494] ======================

  • CVE-2025-71231Feb 18, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empt

  • CVE-2025-71230Feb 18, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: hfs: ensure sb->s_fs_info is always cleaned up When hfs was converted to the new mount api a bug was introduced by changing the allocation pattern of sb->s_fs_info. If setup_bdev_super() fails after a new super

  • CVE-2025-71229Feb 18, 2026
    affected < 6.19.8-1.1fixed 6.19.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() rtw_core_enable_beacon() reads 4 bytes from an address that is not a multiple of 4. This results in a crash on some systems. Do 1 byte reads/writes

  • CVE-2025-68766Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() If irq_domain_translate_twocell() sets "hwirq" to >= MCHP_EIC_NIRQ (2) then it results in an out of bounds access. The code checks for invalid values

  • CVE-2025-68765Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error

  • CVE-2025-68764Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.

  • CVE-2025-68763Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly handle return of sg_nents_for_len The return value of sg_nents_for_len was assigned to an unsigned long in starfive_hash_digest, causing negative error codes to be converted to larg

  • CVE-2025-68762Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFF_DISABLE_NETPOLL flag. The warning (at kernel/workqueue.c:4242 in __flush_work) oc

  • CVE-2025-68761Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfs_correct_next_unused_CNID() This code calls hfs_bnode_put(node) which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when

  • CVE-2025-68760Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4-

  • CVE-2025-68759Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success

  • CVE-2025-68758Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a

  • CVE-2025-68757Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().

  • CVE-2025-68756Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock blk_mq_{add,del}_queue_tag_set() functions add and remove queues from tagset, the functions make sure that tagset and queues are marke

  • CVE-2025-68755Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: mos

  • CVE-2025-68754Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp

  • CVE-2025-68753Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite

Page 24 of 72