VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

  • CVE-2026-23269HigMar 18, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes into the DFA state tables. The aa_dfa_next() function call in unpack_pdb() will acce

  • CVE-2026-23268HigMar 18, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by

  • CVE-2026-25702Mar 5, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before

  • CVE-2025-71236Feb 18, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature [154563.214890] nvme nvme2: NVME-FC{1}: controller connect complete [154564.169363] qla2xxx [0000:b0:00.1]-3

  • CVE-2026-23209HigFeb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23204HigFeb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro f

  • CVE-2026-23198HigFeb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVM_IRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvm_arch_irq_bypass_del_producer() on x86

  • CVE-2026-23191HigFeb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop

  • CVE-2025-71224Feb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rx_no_sta when interface is not joined ieee80211_ocb_rx_no_sta() assumes a valid channel context, which is only present after JOIN_OCB. RX may run before JOIN_OCB is executed, in whic

  • CVE-2026-23208Feb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. The buffer size for each d

  • CVE-2026-23141Feb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we need to check if we are dealing with an inline extent. This is because for inli

  • CVE-2026-23125Feb 14, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ===============================================

  • CVE-2026-23112CriFeb 13, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length or offset exceeds sg_cnt and then use bogus sg->length/offset values, leading

  • CVE-2026-23105HigFeb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qle

  • CVE-2026-23095HigFeb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. [0] The repro generated a GUE packet with its inner protocol 0. gue_udp_recv() returns -guehdr->proto_ctype for "resubmit" in

  • CVE-2026-23074HigFeb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will desc

  • CVE-2026-23054Feb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndis_filter_device_add() do

  • CVE-2025-71194Feb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type When wait_current_trans() is called during start_transaction(), it currently waits for a blocked transaction without considering wheth

  • CVE-2026-23099Feb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: bonding: limit BOND_MODE_8023AD to Ethernet devices BOND_MODE_8023AD makes sense for ARPHRD_ETHER only. syzbot reported: BUG: KASAN: global-out-of-bounds in __hw_addr_create net/core/dev_addr_lists.c:63 [inl

  • CVE-2026-23089Feb 4, 2026
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() When snd_usb_create_mixer() fails, snd_usb_mixer_free() frees mixer->id_elems but the controls already added to the card still reference the freed mem

Page 1 of 90