suse/kernel-default-base&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

Vulnerabilities (2,262)

• CVE-2026-22991HigJan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose_arg_map() may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decode_choose_args(), if

• CVE-2026-22990HigJan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. In

• CVE-2026-22988HigJan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: arp: do not assume dev_hard_header() does not change skb->head arp_create() is the only dev_hard_header() caller making assumption about skb->head being unchanged. A recent commit broke this assumption. Initi

• CVE-2026-22985MedJan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off

• CVE-2026-22984CriJan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idryomov: changelog ]

• CVE-2026-22989Jan 23, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlock_filesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nf

• CVE-2026-22982Jan 23, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer d

• CVE-2026-22979Jan 23, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list() is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation lo

• CVE-2026-22978Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in user space) */ __u16 l

• CVE-2025-71149Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

• CVE-2025-71157Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() Since nldev_deldev() (introduced by commit 060c642b2ab8 ("RDMA/nldev: Add support to add/delete a sub IB device through netlink") grabs a re

• CVE-2025-71156Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. This allows interrupt to fire before the associated NAPI context is fully initiali

• CVE-2025-71154Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure In async_set_registers(), when usb_submit_urb() fails, the allocated async_req structure and URB are not freed, causing a memory leak. The com

• CVE-2025-71148Jan 23, 2026
  affected < 6.4.0-150700.53.34.1.150700.17.23.1fixed 6.4.0-150700.53.34.1.150700.17.23.1

  In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshake_req_submit() replaces sk->sk_destruct but never restores it when submission fails before the request is hashed. handshake_sk_destruct() then returns

• CVE-2025-71147Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix a memory leak in tpm2_load_cmd 'tpm2_load_cmd' allocates a tempoary blob indirectly via 'tpm2_key_decode' but it is not freed in the failure paths. Address this by wrapping the blob into with

• CVE-2025-71145Jan 23, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change fixing a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case as the isp1301_get_client() helpe

• CVE-2026-22977Jan 21, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sock_recv_errqueue skbuff_fclone_cache was created without defining a usercopy region, [1] unlike skbuff_head_cache which properly whitelists the cb[] field. [2] This c

• CVE-2026-22976Jan 21, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset `qfq_class->leaf_qdisc->q.qlen > 0` does not imply that the class itself is active. Two qfq_class objects may point to the s

• CVE-2025-71143Jan 14, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __

• CVE-2025-71142Jan 14, 2026
  affected < 6.4.0-150700.53.31.1.150700.17.21.1fixed 6.4.0-150700.53.31.1.150700.17.21.1

  In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110 RIP: 0010:remote_partition_disable+0xf7/0x110