VYPR

rpm package

suse/kernel-livepatch-SLE16-RT_Update_4&distro=SUSE Linux Micro 6.2

pkg:rpm/suse/kernel-livepatch-SLE16-RT_Update_4&distro=SUSE%20Linux%20Micro%206.2

Vulnerabilities (8)

  • CVE-2026-23268HigMar 18, 2026
    affected < 4-160000.1.1fixed 4-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by

  • CVE-2026-23209HigFeb 14, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23111HigFeb 13, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()

  • CVE-2026-23074HigFeb 4, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc

  • CVE-2026-22999HigJan 25, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.

  • CVE-2025-71120Jan 14, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres

  • CVE-2025-68813Jan 13, 2026
    affected < 2-160000.1.1fixed 2-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL pointer dereference in fib_compute_spec_

  • CVE-2025-71085Jan 13, 2026
    affected < 2-160000.1.1fixed 2-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t