rpm package
suse/kernel-source&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (3,141)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-23278 | Hig | 7.8 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 20, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part o | |
| CVE-2026-23277 | — | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 20, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit through slave devices, but does not update skb->dev to the sl | ||
| CVE-2026-23274 | Hig | 7.8 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 20, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio | |
| CVE-2026-23272 | Hig | 7.8 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 20, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be | |
| CVE-2026-23270 | Hig | 7.8 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held b | |
| CVE-2026-23255 | Med | 5.5 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Real issue is that ptype_seq_next() and ptype_seq_show() violate RCU rules. ptype_ | |
| CVE-2025-71269 | Med | 5.5 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an o | |
| CVE-2025-71268 | Med | 5.5 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from __cow_file_range_inline() without freeing the reserved qgroup dat | |
| CVE-2026-23262 | — | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: gve: Fix stats report corruption on queue count change The driver and the NIC share a region in memory for stats reporting. The NIC calculates its offset into this region based on the total size of the stats re | ||
| CVE-2026-23243 | Hig | 7.8 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len | |
| CVE-2026-23242 | Hig | 7.5 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp- | |
| CVE-2026-23231 | Hig | 7.8 | < 6.4.0-41.1 | 6.4.0-41.1 | Mar 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If nf_tables_reg | |
| CVE-2026-23222 | Hig | 7.8 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly The existing allocation of scatterlists in omap_crypto_copy_sg_lists() was allocating an array of scatterlist pointers, not scatterlist obje | |
| CVE-2026-23229 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl | ||
| CVE-2026-23221 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driver_override_show() The driver_override_show() function reads the driver_override string without holding the device_lock. However, driver_override_store() uses driver_set_o | ||
| CVE-2025-71236 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature [154563.214890] nvme nvme2: NVME-FC{1}: controller connect complete [154564.169363] qla2xxx [0000:b0:00.1]-3 | ||
| CVE-2025-71235 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. [105954.384919] RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 [105954.3 | ||
| CVE-2025-71234 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in __sta_info_alloc(). | ||
| CVE-2025-71232 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla2xxx [0000:27:00.0]-0042:0: Disabled MSI-X. [61110.467494] ====================== | ||
| CVE-2025-71231 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empt |
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part o
- CVE-2026-23277Mar 20, 2026affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit through slave devices, but does not update skb->dev to the sl
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held b
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Real issue is that ptype_seq_next() and ptype_seq_show() violate RCU rules. ptype_
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an o
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from __cow_file_range_inline() without freeing the reserved qgroup dat
- CVE-2026-23262Mar 18, 2026affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: gve: Fix stats report corruption on queue count change The driver and the NIC share a region in memory for stats reporting. The NIC calculates its offset into this region based on the total size of the stats re
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp-
- affected < 6.4.0-41.1fixed 6.4.0-41.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If nf_tables_reg
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly The existing allocation of scatterlists in omap_crypto_copy_sg_lists() was allocating an array of scatterlist pointers, not scatterlist obje
- CVE-2026-23229Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl
- CVE-2026-23221Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driver_override_show() The driver_override_show() function reads the driver_override string without holding the device_lock. However, driver_override_store() uses driver_set_o
- CVE-2025-71236Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature [154563.214890] nvme nvme2: NVME-FC{1}: controller connect complete [154564.169363] qla2xxx [0000:b0:00.1]-3
- CVE-2025-71235Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. [105954.384919] RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 [105954.3
- CVE-2025-71234Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station data in __sta_info_alloc().
- CVE-2025-71232Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla2xxx [0000:27:00.0]-0042:0: Disabled MSI-X. [61110.467494] ======================
- CVE-2025-71231Feb 18, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empt
Page 2 of 158