VYPR

rpm package

suse/kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Vulnerabilities (263)

  • CVE-2026-46243HigJun 1, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcall_target that cifs.upcall treats as kernel-originating in

  • CVE-2026-43499HigMay 21, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, but it is also used for proxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from futex_

  • CVE-2026-43437HigMay 8, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime (runtime = s->runtime at line 2157). After r

  • CVE-2026-43190HigMay 6, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_tcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xt_tcpmss.c (lines 53-68), the TCP option parser reads op[i+1] directly without validating the remaining

  • CVE-2026-43126HigMay 6, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the pot

  • CVE-2026-43037CriMay 1, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. ip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written by the IPv6 receive path as struct inet6_skb_parm.

  • CVE-2026-31685CriApr 25, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from the Ethernet source address and compares it with the low 64 bits of the IPv6 source address. The ex

  • CVE-2026-31607CriApr 24, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_submit() unconditionally overwrites urb->number_of_packets from the network PDU.

  • CVE-2026-31402CriApr 3, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated bas

  • CVE-2026-23271HigMar 20, 2026
    affected < 3.0.101-108.210.1fixed 3.0.101-108.210.1

    In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race Make sure that __perf_event_overflow() runs with IRQs disabled for all possible callchains. Specifically the software events can end up runni

  • CVE-2026-23191HigFeb 14, 2026
    affected < 3.0.101-108.204.1fixed 3.0.101-108.204.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop

  • CVE-2026-23074HigFeb 4, 2026
    affected < 3.0.101-108.204.1fixed 3.0.101-108.204.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc

  • CVE-2026-23089Feb 4, 2026
    affected < 3.0.101-108.204.1fixed 3.0.101-108.204.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() When snd_usb_create_mixer() fails, snd_usb_mixer_free() frees mixer->id_elems but the controls already added to the card still reference the freed mem

  • CVE-2023-54168Dec 30, 2025
    affected < 3.0.101-108.198.1fixed 3.0.101-108.198.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() The ucmd->log_sq_bb_count variable is controlled by the user so this shift can wrap. Fix it by using check_shl_overflow() in the same way that it was don

  • CVE-2023-54110Dec 24, 2025
    affected < 3.0.101-108.198.1fixed 3.0.101-108.198.1

    In the Linux kernel, the following vulnerability has been resolved: usb: rndis_host: Secure rndis_query check against int overflow Variables off and len typed as uint32 in rndis_query function are controlled by incoming RNDIS response message thus their value may be manipulated

  • CVE-2025-40215Dec 4, 2025
    affected < 3.0.101-108.198.1fixed 3.0.101-108.198.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a

  • CVE-2025-40018Oct 24, 2025
    affected < 3.0.101-108.198.1fixed 3.0.101-108.198.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr

  • CVE-2023-53722Oct 22, 2025
    affected < 3.0.101-108.192.1fixed 3.0.101-108.192.1

    In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows

  • CVE-2023-53705Oct 22, 2025
    affected < 3.0.101-108.192.1fixed 3.0.101-108.192.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri

  • CVE-2025-39973Oct 15, 2025
    affected < 3.0.101-108.192.1fixed 3.0.101-108.192.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu

Page 1 of 14