VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2026-52907HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: fix off by one bugs Change these comparisons from > vs >= to avoid accessing one element beyond the end of the arrays. While at it, use ARRAY_SIZE instead of the _MAX enum values. [fix

  • CVE-2026-52906HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb ("9p: convert to the new mount API"), v9fs_apply_options() applies parsed mount flags with |= onto flags already set by v9fs_se

  • CVE-2026-52905Jun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region_sz on damon_start() Commit d8f867fa0825 ("mm/damon: add damon_ctx->min_sz_region") introduced a bug that allows unaligned DAMON region address ranges. Commit

  • CVE-2026-52904Jun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkm_device leak on aperture removal failure When aperture_remove_conflicting_pci_devices() fails during probe, the error path returns directly without unwinding the nvkm_device that was just a

  • CVE-2026-46332HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between

  • CVE-2026-46324HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use list_del_rcu for netlink hooks nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks need to use list_del_rcu(), this list can be walked by concurrent dumpers. Add a ne

  • CVE-2026-46323HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFL_MANAGED_FRAG_REFS flag. When SKBFL_

  • CVE-2026-46322HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() When build_skb() fails in tun_xdp_one(), the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhost_net_b

  • CVE-2026-46321HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one() tun_xdp_one() returns -EINVAL on a frame shorter than ETH_HLEN without freeing the page that vhost_net_build_xdp() allocated for it. tun_sendmsg() discar

  • CVE-2026-46320HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp() tap_get_user_xdp() rejects a frame shorter than ETH_HLEN with -EINVAL, and returns -ENOMEM when build_skb() fails. Both paths jump to the err label without fr

  • CVE-2026-46319HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: Only release RCU read lock after ct_ft When looking up a flow table in act_ct in tcf_ct_flow_table_get(), rhashtable_lookup_fast() internally opens and closes an RCU read critical section bef

  • CVE-2026-46318Jun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare" This reverts commit ea52cb24cd3f ("mm/hugetlbfs: update hugetlbfs to use mmap_prepare") with conflict resolution to account for changes in commit ea52

  • CVE-2026-46317HigJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind mmu_lock kvm->arch.nested_mmus[] is walked under kvm->mmu_lock, including from the MMU notifier path (kvm_unmap_gfn_range() -> kvm_nested_s2_unmap()), which can run

  • CVE-2026-46316CriJun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgic_its_invalidate_cache() walks the per-ITS translation cache with xa_for_each() and drops the cache's reference on each en

  • CVE-2026-46315Jun 9, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: clear waitid info before copying it to userspace IORING_OP_WAITID stores its result fields in struct io_waitid::info and later copies them to userspace siginfo. The prep path initializes the re

  • CVE-2026-46314Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3d_get_extensions() walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can

  • CVE-2026-46313Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp->psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set

  • CVE-2026-46312Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap vb2_dma_contig sets VMA flags VM_DONTEXPAND and VM_DONTDUMP and I do not see a reason why vb2_dma_sg should behave differently. This avoids hitting `WARN_ON(!(

  • CVE-2026-46311HigJun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drm_exec to take both locks i.e vm root bo and wptr_obj bo to access the mapping data properly. This fixes the security issue of unmap the wptr_obj while

  • CVE-2026-46310Jun 8, 2026
    affected < 7.0.12-1.1fixed 7.0.12-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1_drm_cleanup() where it should

Page 1 of 72