VYPR

rpm package

suse/kernel-livepatch-SLE16_Update_4&distro=SUSE Linux Enterprise Server 16.0

pkg:rpm/suse/kernel-livepatch-SLE16_Update_4&distro=SUSE%20Linux%20Enterprise%20Server%2016.0

Vulnerabilities (13)

  • CVE-2026-46300HigMay 23, 2026
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally

  • CVE-2026-46333HigMay 15, 2026
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when y

  • CVE-2025-54518HigMay 15, 2026
    affected < 7-160000.1.1fixed 7-160000.1.1

    Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.

  • CVE-2026-23317HigMar 25, 2026
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that r

  • CVE-2026-23274HigMar 20, 2026
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio

  • CVE-2026-23243HigMar 18, 2026
    affected < 7-160000.1.1fixed 7-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len

  • CVE-2026-23209HigFeb 14, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23111HigFeb 13, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()

  • CVE-2026-23074HigFeb 4, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc

  • CVE-2026-22999HigJan 25, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF.

  • CVE-2025-71120Jan 14, 2026
    affected < 3-160000.1.1fixed 3-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_addres

  • CVE-2025-68813Jan 13, 2026
    affected < 2-160000.1.1fixed 2-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in __ip_vs_get_out_rt() calls dst_link_failure() without ensuring skb->dev is set, leading to a NULL pointer dereference in fib_compute_spec_

  • CVE-2025-71085Jan 13, 2026
    affected < 2-160000.1.1fixed 2-160000.1.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of t