rpm package

suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE Linux Enterprise Live Patching 15 SP7

pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Vulnerabilities (174)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2026-23268	Hig	7.8	< 3-150700.2.1	3-150700.2.1	Mar 18, 2026	In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by
CVE-2026-23209	Hig	7.8	< 2-150700.2.1	2-150700.2.1	Feb 14, 2026	In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l
CVE-2026-23111	Hig	7.8	< 2-150700.2.1	2-150700.2.1	Feb 13, 2026	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()
CVE-2026-23074	Hig	7.8	< 2-150700.2.1	2-150700.2.1	Feb 4, 2026	In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc
CVE-2026-23001	Hig	7.8	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan_hash_del_source() is called, we must clear entry->vlan pointer before RCU grace
CVE-2026-22999	Hig	7.8	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.
CVE-2026-22997	Hig	7.5	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts Since j1939_session_deactivate_activate_next() in j1939_tp_rxtimer() is called only when the timer is enabled
CVE-2026-23011		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gre: make ip6gre_header() robust") Over the years, syzbot found many ways to crash the kernel in ipgre_header() [1]. This involves
CVE-2026-23006		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "snd_soc_component" in "adcx140_priv" was only used once but never set. It was only used for reaching "dev" which is already present in "adcx140_priv".
CVE-2026-23005		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved
CVE-2026-23000		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5e_netdev_change_profile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev
CVE-2026-22996		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails, mlx5e_priv in mlx5e_dev devlink private is used to reference the
CVE-2025-71163		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device as part of the compat bind and unbind sysfs interface.
CVE-2025-71162		—	< 1-150700.1.3.2	1-150700.1.3.2	Jan 25, 2026	In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. The issue occurs when the DMA buffer is fre
CVE-2026-22993	Med	5.5	< 1-150700.1.3.2	1-150700.1.3.2	Jan 23, 2026	In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL ptr issue after soft reset During soft reset, the RSS LUT is freed and not restored unless the interface is up. If an ethtool command that accesses the rss lut is attempted immediately af
CVE-2026-22992	Hig	7.5	< 1-150700.1.3.2	1-150700.1.3.2	Jan 23, 2026	In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from mon_handle_auth_done() Currently any error from ceph_auth_handle_reply_done() is propagated via finish_auth() but isn't returned from mon_handle_auth_done(). This results
CVE-2026-22991	Hig	7.5	< 1-150700.1.3.2	1-150700.1.3.2	Jan 23, 2026	In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose_arg_map() may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decode_choose_args(), if
CVE-2026-22990	Hig	7.5	< 1-150700.1.3.2	1-150700.1.3.2	Jan 23, 2026	In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. In
CVE-2026-22988	Hig	7.8	< 1-150700.1.3.2	1-150700.1.3.2	Jan 23, 2026	In the Linux kernel, the following vulnerability has been resolved: arp: do not assume dev_hard_header() does not change skb->head arp_create() is the only dev_hard_header() caller making assumption about skb->head being unchanged. A recent commit broke this assumption. Initi
CVE-2026-22985	Med	5.5	< 1-150700.1.3.2	1-150700.1.3.2	Jan 23, 2026	In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off

CVE-2026-23268HigMar 18, 2026
affected < 3-150700.2.1fixed 3-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by
CVE-2026-23209HigFeb 14, 2026
affected < 2-150700.2.1fixed 2-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l
CVE-2026-23111HigFeb 13, 2026
affected < 2-150700.2.1fixed 2-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()
CVE-2026-23074HigFeb 4, 2026
affected < 2-150700.2.1fixed 2-150700.2.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc
CVE-2026-23001HigJan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan_hash_del_source() is called, we must clear entry->vlan pointer before RCU grace
CVE-2026-22999HigJan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.
CVE-2026-22997HigJan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts Since j1939_session_deactivate_activate_next() in j1939_tp_rxtimer() is called only when the timer is enabled
CVE-2026-23011Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gre: make ip6gre_header() robust") Over the years, syzbot found many ways to crash the kernel in ipgre_header() [1]. This involves
CVE-2026-23006Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "snd_soc_component" in "adcx140_priv" was only used once but never set. It was only used for reaching "dev" which is already present in "adcx140_priv".
CVE-2026-23005Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved
CVE-2026-23000Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5e_netdev_change_profile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev
CVE-2026-22996Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails, mlx5e_priv in mlx5e_dev devlink private is used to reference the
CVE-2025-71163Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device as part of the compat bind and unbind sysfs interface.
CVE-2025-71162Jan 25, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. The issue occurs when the DMA buffer is fre
CVE-2026-22993MedJan 23, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL ptr issue after soft reset During soft reset, the RSS LUT is freed and not restored unless the interface is up. If an ethtool command that accesses the rss lut is attempted immediately af
CVE-2026-22992HigJan 23, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from mon_handle_auth_done() Currently any error from ceph_auth_handle_reply_done() is propagated via finish_auth() but isn't returned from mon_handle_auth_done(). This results
CVE-2026-22991HigJan 23, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose_arg_map() may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decode_choose_args(), if
CVE-2026-22990HigJan 23, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. In
CVE-2026-22988HigJan 23, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume dev_hard_header() does not change skb->head arp_create() is the only dev_hard_header() caller making assumption about skb->head being unchanged. A recent commit broke this assumption. Initi
CVE-2026-22985MedJan 23, 2026
affected < 1-150700.1.3.2fixed 1-150700.1.3.2
In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off

Page 1 of 9