rpm package
suse/kernel-rt&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (4,438)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-23145 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refcount for iloc.bh. Find this when review code. | ||
| CVE-2026-23141 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inli | ||
| CVE-2026-23113 | Med | 5.5 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking (which will create a new wo | |
| CVE-2026-23135 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a DMA mapped buffer and stores the addresses in XXX_unaligned fields. Those should be reused when freeing the buffer rather than the | ||
| CVE-2026-23133 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a DMA mapped buffer and stores the addresses in XXX_unaligned fields. Those should be reused when freeing the buffer rather than the | ||
| CVE-2026-23129 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers dpll_xa_ref_{dpll,pin}_add() to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin | ||
| CVE-2026-23121 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev->work dev->work can re read locklessly in mISDN_read() and mISDN_poll(). Add READ_ONCE()/WRITE_ONCE() annotations. BUG: KCSAN: data-race in mISDN_ioctl / mISDN_read write | ||
| CVE-2026-23119 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to __skb_flow_dissect() After 3cbf4ffba5ee ("net: plumb network namespace into __skb_flow_dissect") we have to provide a net pointer to __skb_flow_dissect(), either via skb->dev, | ||
| CVE-2026-23116 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX8MQ platform, the ADB in the VPUMIX domain has no separate reset and clock enable bits, but is ungated and reset together with the | ||
| CVE-2025-71200 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MS | ||
| CVE-2026-23112 | Cri | 9.8 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length or offset exceeds sg_cnt and then use bogus sg->length/offset values, leading | |
| CVE-2026-23111 | Hig | 7.8 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate() | |
| CVE-2026-25547 | Cri | — | < 6.4.0-41.1 | 6.4.0-41.1 | Feb 4, 2026 | @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated nume | |
| CVE-2026-23110 | Med | 4.7 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running | |
| CVE-2026-23105 | Hig | 7.8 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qle | |
| CVE-2026-23095 | Hig | 7.5 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. [0] The repro generated a GUE packet with its inner protocol 0. gue_udp_recv() returns -guehdr->proto_ctype for "resubmit" in | |
| CVE-2026-23082 | Med | 5.5 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error In commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"), the URB was re-anchored before us | |
| CVE-2026-23074 | Hig | 7.8 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc | |
| CVE-2026-23058 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"). In ems_usb_open(), the UR | ||
| CVE-2026-23057 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb (with a spare tail room) is followed by a small skb (length limited by GOOD_COPY_LEN = 128), an |
- CVE-2026-23145Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refcount for iloc.bh. Find this when review code.
- CVE-2026-23141Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inli
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking (which will create a new wo
- CVE-2026-23135Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a DMA mapped buffer and stores the addresses in XXX_unaligned fields. Those should be reused when freeing the buffer rather than the
- CVE-2026-23133Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a DMA mapped buffer and stores the addresses in XXX_unaligned fields. Those should be reused when freeing the buffer rather than the
- CVE-2026-23129Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers dpll_xa_ref_{dpll,pin}_add() to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin
- CVE-2026-23121Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev->work dev->work can re read locklessly in mISDN_read() and mISDN_poll(). Add READ_ONCE()/WRITE_ONCE() annotations. BUG: KCSAN: data-race in mISDN_ioctl / mISDN_read write
- CVE-2026-23119Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to __skb_flow_dissect() After 3cbf4ffba5ee ("net: plumb network namespace into __skb_flow_dissect") we have to provide a net pointer to __skb_flow_dissect(), either via skb->dev,
- CVE-2026-23116Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX8MQ platform, the ADB in the VPUMIX domain has no separate reset and clock enable bits, but is ungated and reset together with the
- CVE-2025-71200Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MS
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length or offset exceeds sg_cnt and then use bogus sg->length/offset values, leading
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()
- affected < 6.4.0-41.1fixed 6.4.0-41.1
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated nume
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qle
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. [0] The repro generated a GUE packet with its inner protocol 0. gue_udp_recv() returns -guehdr->proto_ctype for "resubmit" in
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error In commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"), the URB was re-anchored before us
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc
- CVE-2026-23058Feb 4, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"). In ems_usb_open(), the UR
- CVE-2026-23057Feb 4, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb (with a spare tail room) is followed by a small skb (length limited by GOOD_COPY_LEN = 128), an
Page 3 of 222