VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server for SAP applications 16.0

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0

Vulnerabilities (594)

  • CVE-2026-23002Jan 25, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read() for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio". For the sleepable context, convert freader to use __kernel_read()

  • CVE-2026-23000Jan 25, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5e_netdev_change_profile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev

  • CVE-2026-22996Jan 25, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails, mlx5e_priv in mlx5e_dev devlink private is used to reference the

  • CVE-2025-71163Jan 25, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device as part of the compat bind and unbind sysfs interface.

  • CVE-2025-71162Jan 25, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. The issue occurs when the DMA buffer is fre

  • CVE-2026-22993MedJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL ptr issue after soft reset During soft reset, the RSS LUT is freed and not restored unless the interface is up. If an ethtool command that accesses the rss lut is attempted immediately af

  • CVE-2026-22992HigJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from mon_handle_auth_done() Currently any error from ceph_auth_handle_reply_done() is propagated via finish_auth() but isn't returned from mon_handle_auth_done(). This results

  • CVE-2026-22991HigJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose_arg_map() may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decode_choose_args(), if

  • CVE-2026-22990HigJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. In

  • CVE-2026-22988HigJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: arp: do not assume dev_hard_header() does not change skb->head arp_create() is the only dev_hard_header() caller making assumption about skb->head being unchanged. A recent commit broke this assumption. Initi

  • CVE-2026-22986MedJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev->srcu If two drivers were calling gpiochip_add_data_with_key(), one may be traversing the srcu-protected list in gpio_name_to_desc(), meanwhile other has just added its gdev

  • CVE-2026-22985MedJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off

  • CVE-2026-22984CriJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov: changelog ]

  • CVE-2026-22981MedJan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and close any netdevs in UP state until the reset handling has completed. Dur

  • CVE-2026-22980HigJan 23, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4_end_grace Writing to v4_end_grace can race with server shutdown and result in memory being accessed after it was freed - reclaim_str_hashtbl in particularly. We cannot hold nfsd_mu

  • CVE-2026-22989Jan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlock_filesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nf

  • CVE-2026-22982Jan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer d

  • CVE-2026-22979Jan 23, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list() is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation lo

  • CVE-2026-22978Jan 23, 2026
    affected < 6.12.0-160000.26.1fixed 6.12.0-160000.26.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in user space) */ __u16 l

  • CVE-2025-71161Jan 23, 2026
    affected < 6.12.0-160000.27.1fixed 6.12.0-160000.27.1

    In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fec_read_bufs, there is a loop that has 253 iterations. For eac

Page 9 of 30