rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-23398 | Med | 5.5 | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Mar 26, 2026 | In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmp_tag_validation() icmp_tag_validation() unconditionally dereferences the result of rcu_dereference(inet_protos[proto]) without checking for NULL. The inet_protos[] arra | |
| CVE-2026-23293 | Med | 5.5 | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Mar 25, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which ini | |
| CVE-2026-23274 | Hig | 7.8 | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Mar 20, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio | |
| CVE-2026-23272 | Hig | 7.8 | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Mar 20, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be | |
| CVE-2026-23243 | Hig | 7.8 | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Mar 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len | |
| CVE-2026-23103 | Hig | 7.8 | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so | |
| CVE-2025-38234 | — | < 5.3.18-150300.59.241.1 | 5.3.18-150300.59.241.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do |
- affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmp_tag_validation() icmp_tag_validation() unconditionally dereferences the result of rcu_dereference(inet_protos[proto]) without checking for NULL. The inet_protos[] arra
- affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which ini
- affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio
- affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be
- affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len
- affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so
- CVE-2025-38234Jul 4, 2025affected < 5.3.18-150300.59.241.1fixed 5.3.18-150300.59.241.1
In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a do