suse/kernel-default-base&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

Vulnerabilities (2,262)

• CVE-2026-23182Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: spi: tegra: Fix a memory leak in tegra_slink_probe() In tegra_slink_probe(), when platform_get_irq() fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with

• CVE-2026-23179Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() When the socket is closed while in TCP_LISTEN a callback is run to flush all outstanding packets, which in turns calls nvmet_tcp_listen_data_ready() with t

• CVE-2026-23178HigFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() `i2c_hid_xfer` is used to read `recv_len + sizeof(__le16)` bytes of data into `ihid->rawbuf`. The former can come from the userspace in the h

• CVE-2026-23176Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_haps: Fix memory leaks in add/remove routines toshiba_haps_add() leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshiba_haps_remov

• CVE-2025-71224Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rx_no_sta when interface is not joined ieee80211_ocb_rx_no_sta() assumes a valid channel context, which is only present after JOIN_OCB. RX may run before JOIN_OCB is executed, in whic

• CVE-2026-23208Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. The buffer size for each d

• CVE-2026-23202Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress. When clearing curr_xfer in th

• CVE-2026-23190Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: fix memory leak in acp3x pdm dma ops

• CVE-2025-71222Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: ensure skb headroom before skb_push This avoids occasional skb_under_panic Oops from wl1271_tx_work. In this case, headroom is less than needed (typically 110 - 94 = 16 bytes).

• CVE-2026-23172HigFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xx_dpmaif_set_frag_to_skb() function adds page fragments to an skb without checking if the number o

• CVE-2026-23171HigFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be use

• CVE-2026-23169HigFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() syzbot and Eulgyu Kim reported crashes in mptcp_pm_nl_get_local_id() and/or mptcp_pm_nl_is_backup() Root cause is list_splice_init() in mptcp_pm_nl_flush_addrs

• CVE-2026-23155MedFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error") a failing resubmit URB will print

• CVE-2026-23151MedFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp_complete() where mgmt_pending_cmd structures are not freed after being removed from the pending list. Commit 302a1f674c00 ("Bluet

• CVE-2026-23139HigFeb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. Wit

• CVE-2026-23173Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers a

• CVE-2026-23170Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.

• CVE-2026-23167Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device() was call

• CVE-2026-23166Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes during resume from suspend when rings[q_idx]->q_vector is NULL. Tested adapt

• CVE-2026-23163Feb 14, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On APUs such as Raven and Renoir (GC 9.1.0, 9.2.2, 9.3.0), the ih1 and ih2 interrupt ring buffers are not initialized. This is by desi