rpm package
suse/kernel-source-rt&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (4,438)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-23176 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_haps: Fix memory leaks in add/remove routines toshiba_haps_add() leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshiba_haps_remov | ||
| CVE-2025-71224 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rx_no_sta when interface is not joined ieee80211_ocb_rx_no_sta() assumes a valid channel context, which is only present after JOIN_OCB. RX may run before JOIN_OCB is executed, in whic | ||
| CVE-2026-23208 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. The buffer size for each d | ||
| CVE-2026-23202 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress. When clearing curr_xfer in th | ||
| CVE-2026-23190 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: fix memory leak in acp3x pdm dma ops | ||
| CVE-2025-71222 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: ensure skb headroom before skb_push This avoids occasional skb_under_panic Oops from wl1271_tx_work. In this case, headroom is less than needed (typically 110 - 94 = 16 bytes). | ||
| CVE-2026-23172 | Hig | 8.4 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xx_dpmaif_set_frag_to_skb() function adds page fragments to an skb without checking if the number o | |
| CVE-2026-23171 | Hig | 7.8 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be use | |
| CVE-2026-23155 | Med | 5.5 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error") a failing resubmit URB will print | |
| CVE-2026-23151 | Med | 5.5 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp_complete() where mgmt_pending_cmd structures are not freed after being removed from the pending list. Commit 302a1f674c00 ("Bluet | |
| CVE-2026-23139 | Hig | 7.5 | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. Wit | |
| CVE-2026-23173 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers a | ||
| CVE-2026-23170 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind. | ||
| CVE-2026-23167 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device() was call | ||
| CVE-2026-23166 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes during resume from suspend when rings[q_idx]->q_vector is NULL. Tested adapt | ||
| CVE-2026-23163 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On APUs such as Raven and Renoir (GC 9.1.0, 9.2.2, 9.3.0), the ih1 and ih2 interrupt ring buffers are not initialized. This is by desi | ||
| CVE-2026-23156 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory b | ||
| CVE-2026-23152 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. | ||
| CVE-2026-23150 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various memory leaks related to NFC, struct nfc_llcp_sock, sk_buff, nfc_dev, etc. [0] The leading log hinted that nfc_llcp_send_ui_frame() fa | ||
| CVE-2026-23146 | — | < 6.4.0-40.1 | 6.4.0-40.1 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_proto() sets HCI_UART_PROTO_INIT before calling hci_uart_register_dev(), which calls proto->open() to initialize hu->priv. However, if |
- CVE-2026-23176Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_haps: Fix memory leaks in add/remove routines toshiba_haps_add() leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshiba_haps_remov
- CVE-2025-71224Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rx_no_sta when interface is not joined ieee80211_ocb_rx_no_sta() assumes a valid channel context, which is only present after JOIN_OCB. RX may run before JOIN_OCB is executed, in whic
- CVE-2026-23208Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. The buffer size for each d
- CVE-2026-23202Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer The curr_xfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress. When clearing curr_xfer in th
- CVE-2026-23190Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: fix memory leak in acp3x pdm dma ops
- CVE-2025-71222Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: ensure skb headroom before skb_push This avoids occasional skb_under_panic Oops from wl1271_tx_work. In this case, headroom is less than needed (typically 110 - 94 = 16 bytes).
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb->frags overflow in RX path When receiving data in the DPMAIF RX path, the t7xx_dpmaif_set_frag_to_skb() function adds page fragments to an skb without checking if the number o
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be use
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix error message Sinc commit 79a6d1bfe114 ("can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error") a failing resubmit URB will print
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp_complete() where mgmt_pending_cmd structures are not freed after being removed from the pending list. Commit 302a1f674c00 ("Bluet
- affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. Wit
- CVE-2026-23173Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers a
- CVE-2026-23170Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure (e.g. probe deferral) and on driver unbind.
- CVE-2026-23167Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device(). syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device() was call
- CVE-2026-23166Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes during resume from suspend when rings[q_idx]->q_vector is NULL. Tested adapt
- CVE-2026-23163Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove On APUs such as Raven and Renoir (GC 9.1.0, 9.2.2, 9.3.0), the ih1 and ih2 interrupt ring buffers are not initialized. This is by desi
- CVE-2026-23156Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory b
- CVE-2026-23152Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped.
- CVE-2026-23150Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various memory leaks related to NFC, struct nfc_llcp_sock, sk_buff, nfc_dev, etc. [0] The leading log hinted that nfc_llcp_send_ui_frame() fa
- CVE-2026-23146Feb 14, 2026affected < 6.4.0-40.1fixed 6.4.0-40.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_proto() sets HCI_UART_PROTO_INIT before calling hci_uart_register_dev(), which calls proto->open() to initialize hu->priv. However, if
Page 2 of 222