VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP7

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Vulnerabilities (2,202)

  • CVE-2026-23386MedMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL In DQ-QPL mode, gve_tx_clean_pending_packets() incorrectly uses the RDA buffer cleanup path. It iterates num_bufs times and attempts to

  • CVE-2026-23381MedMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which in

  • CVE-2026-23379MedMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'q_sum' and 'q_psum'. Using unsigned int, th

  • CVE-2026-23361HigMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Endpoint drivers use dw_pcie_ep_raise_msix_irq() to raise an MSI-X interrupt to the host using a writel(), which generates a PCI posted write trans

  • CVE-2026-23359HigMar 25, 2026
    affected < 6.4.0-150700.7.59.2fixed 6.4.0-150700.7.59.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of

  • CVE-2026-23327HigMar 25, 2026
    affected < 6.4.0-150700.7.59.2fixed 6.4.0-150700.7.59.2

    In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() cxl_payload_from_user_allowed() casts and dereferences the input payload without first verifying its size. When a raw

  • CVE-2026-23319HigMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this bug is that when 'bpf_link_put' reduces the refcount of 'shim_link->link.link' to zero, the resource is considered released but may

  • CVE-2026-23317HigMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that r

  • CVE-2026-23303MedMar 25, 2026
    affected < 6.4.0-150700.7.59.2fixed 6.4.0-150700.7.59.2

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log

  • CVE-2026-23293MedMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which ini

  • CVE-2026-23292MedMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in __configfs_open_file() In flush_write_buffer, &p->frag_sem is acquired and then the loaded store function is called, which, here, is target_core_item_dbroot_store(). This

  • CVE-2026-23281HigMar 25, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbs_free_adapter() The lbs_free_adapter() function uses timer_delete() (non-synchronous) for both command_timer and tx_lockup_timer before the structure is freed. This is i

  • CVE-2026-23278HigMar 20, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part o

  • CVE-2026-23277MedMar 20, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit through slave devices, but does not update skb->dev to the sl

  • CVE-2026-23274HigMar 20, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revisio

  • CVE-2026-23272HigMar 20, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally bump set->nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be

  • CVE-2026-23270HigMar 18, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held b

  • CVE-2026-23269HigMar 18, 2026
    affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes into the DFA state tables. The aa_dfa_next() function call in unpack_pdb() will acce

  • CVE-2026-23268HigMar 18, 2026
    affected < 6.4.0-150700.7.34.1fixed 6.4.0-150700.7.34.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by

  • CVE-2026-23259MedMar 18, 2026
    affected < 6.4.0-150700.7.37.2fixed 6.4.0-150700.7.37.2

    In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through io_req_rw_cleanup() and has an allocated iovec attached and fails to put to the rw_cache, then it may end

Page 6 of 111