VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_84&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_84&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (84)

  • CVE-2026-43040HigMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTM_NEWNDUSEROPT netlink m

  • CVE-2026-43038CriMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inet_skb_p

  • CVE-2026-43037CriMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. ip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written by the IPv6 receive path as struct inet6_skb_parm.

  • CVE-2026-43028HigMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change.

  • CVE-2026-43026MedMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent ctnetlink_alloc_expect() allocates expectations from a non-zeroing slab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not presen

  • CVE-2026-43024MedMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject immediate NF_QUEUE verdict nft_queue is always used from userspace nftables to deliver the NF_QUEUE verdict. Immediately emitting an NF_QUEUE verdict is never used by the userspace

  • CVE-2026-43020HigMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate LTK enc_size on load Load Long Term Keys stores the user-provided enc_size and later uses it to size fixed-size stack operations when replying to LE LTK requests. An enc_size larger th

  • CVE-2026-31778HigMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in init_card The loop creates a whitespace-stripped copy of the card shortname where `len < sizeof(card->id)` is used for the bounds check. Since sizeof(card->id) is 16

  • CVE-2026-31759HigMay 1, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix double free in ulpi_register_interface() error path When device_register() fails, ulpi_register() calls put_device() on ulpi->dev. The device release callback ulpi_dev_release() drops the OF nod

  • CVE-2026-31678HigApr 25, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent rea

  • CVE-2026-31674HigApr 25, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr duri

  • CVE-2026-31673HigApr 25, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path under unix_state_lock() and drops

  • CVE-2026-31671MedApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed b

  • CVE-2026-31668CriApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dst_cache per encap route, shared between seg6_input_core() and seg6_output_core(). These two paths can perfo

  • CVE-2026-31664MedApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but the analogous function build_po

  • CVE-2026-31629HigApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCP_CLOSED checks In nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket state is LLCP_CLOSED, the code correctly calls release_sock() and nfc_llcp_sock_put() but

  • CVE-2026-31596MedApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI RIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308 Cod

  • CVE-2026-31590MedApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION Drop the WARN in sev_pin_memory() on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing:

  • CVE-2026-31588HigApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use scratch field in MMIO fragment to hold small write values When exiting to userspace to service an emulated MMIO write, copy the to-be-written value to a scratch field in the MMIO fragment if the s

  • CVE-2026-31546MedApr 24, 2026
    affected < 1-8.7.1fixed 1-8.7.1

    In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_hashtbl_used_head list with slave set to NULL when no replacement slave is available